NZ Information Security Forum - November 2023


Event description



Like ISO/IEC 27001 but backwards

As a consultant, Stephen Coates has witnessed a number of failed ISMS implementation projects. These are often due to a combination of focussing on the ISO/IEC 27001 mandatory clauses in sequence (from 4 to 10), treating these as a project plan and running out of steam, and trying to reimplement all of the Annex A controls at once. In this talk Stephen examines some of those failures and proposes working backwards, so that improvements, reviews, audits, metrics and operation are addressed earlier, rather than later or not at all.


Presenter - Stephen Coates


Stephen Coates is a pragmatic infosec consultant in the governance, risk management and compliance (GRC) space. He has come a long way since starting out as a software student apprentice, back in 1980s England. He now has many years of experience covering information security, cloud, risk management, privacy, e-commerce, IT infrastructure and IT Service Management. Having worked in these fields for so long, he's accumulated a wealth of war stories and a treasure chest of badges and certifications, and he is also a PECB ISO/IEC 27001 Lead Auditor.






Refund policy

Registration fees are non-refundable. However, in the event you're unable to join us, your registration may be transferred to another meeting up to one year after the missed session.