Stay ahead: Strengthen your business with third-party risk management

Third Party Risk Management

With the fast-paced business style, organisations nowadays heavily rely on third parties such as vendors, suppliers, logistics partners, cloud services providers, etc. These partnerships can offer great benefits but also could expose your organisation to risks. That’s where third-party risk management (TPRM) comes into play. TPRM provides a structured approach to evaluating and mitigating these potential risks.

Ready to take control and protect your business? Let’s dive into the world of TPRM!

Read More

Archer Continuous Assurance September Release

In September, we released an updated version of the Axenic Archer Continuous Assurance service. This service is being regularly updated and enhanced to ensure a high-quality and seamless user experience. These will be a regular occurrence and we will update the main changes here, ensuring that the solution is not only a continuous assurance product, it is also continually improving and innovating. Read on to find out all the latest release details and functions of the Archer Continuous Assurance product.

Read More


On Scooters and Stale Audits

Bear with me for a bit. When my son started intermediate school he wanted to scoot there. He had a flash scooter, so we got him a padlock and insisted he use it. Over the next few weeks we checked that this was happening. 6 months later we discovered that his padlock had seized up and he couldn’t use it. I reached for that old NZ standby – CRC – and got it working again.

Read More

What does a 1300km lockdown drive have in common with PCI?

“How does driving a 1,300km journey during the COVID-19 lockdown relate to PCI compliance?” I hear you say…

As those of you who know me, or have seen me present will know, I love a good metaphor.

Over Easter weekend I had the somewhat surreal experience of driving the 1,300km journey from home to Auckland International Airport and back again during New Zealand’s level 4 COVID-19 lockdown. On the trip home I was reflecting and couldn’t help thinking about the similarities between the lockdown, making this a safe compliant trip and PCI DSS compliance.

Read More


From Chaos to Conformance: 4 Context of the organisation

Information security is all about context!

In my previous two articles in this series focused on developing an Information Security Management System (ISMS) based on ISO 27001:2013, I presented the common myths associated with the standard. In this article, I am going to provide an overview of the standard and section 4 Context of the organisation.

Read More

From Chaos to Conformance: More ISO 27001 myths

Dispelling more common myths

Okay, I know I promised to delve into and discuss the requirements defined in 4 Context of the organisation. However, I realised that they are other common myths that I should dispel for those of you that are interested in implementing an Information Security Management System (ISMS) that conforms with ISO/IEC 27001:2013 (ISO 27001).

Read More