On Scooters and Stale Audits

Bear with me for a bit. When my son started intermediate school he wanted to scoot there. He had a flash scooter, so we got him a padlock and insisted he use it. Over the next few weeks we checked that this was happening. 6 months later we discovered that his padlock had seized up and he couldn’t use it. I reached for that old NZ standby – CRC – and got it working again.

Read More

ISO Blog Series Part 4: Road to ISO27001 – Document, Document and More Documenting

If you have been reading our blog series you will be following our journey to becoming ISO 27001 certified, which we achieved in February this year! In Part 3 we discussed how we utilised lockdown to get our advantage with some extra time on our hands. At that stage in our ISO journey, our ISMS was running with a high level of governance, however, it was not yet ready to get us ISO certified. There were still some pieces we needed to complete to get us over the line to achieve ISO 27001 certification. Let’s take a close look at the next stage we took on our journey to become ISO certified – one which involved a fair bit of documenting!

Read More


ISO Blog Series Part 3: Road to ISO 27001 – Lockdown, a lucky break!

If you have been following our ISO 27001 blog series you will know that Axenic is now officially ISO 27001 certified! The team is extremely excited about this accomplishment, however, the journey to becoming certified has not been easy. We are going to continue talking you through our journey to certification and Part 3 discusses our lockdown experiences and how we used this to our advantage.

Read More

ISO Blog Series Part 2: ISMS The Planning Stage what is involved

At the end of 2019, Axenic’s leadership team agreed to implement our strategy to achieve ISO 27001 certification. This took the form of setting aside resources to spend time on designing and implementing our Information Security Management System (ISMS). In this blog series, we will be taking you through Axenic’s journey to certification – to catch up on Part One of the series click here. In our second blog of the Axenic ISO 27001 certification journey, we take a look at the planning stage and what was involved in this important step.

Read More


ISO Blog Series Part 1: ISO 27001 Certification Announcement

Last week was an exciting week for the Axenic team with some big news. We are extremely proud that we achieved the ISO/IEC 27001:2013 certification and we don’t underestimate what a huge accomplishment this is for our business and importantly – our customers. Information security is at the core of what we do at Axenic, and we wanted to practice what we preach. You may be interested in getting ISO/IEC:2013 27001 certification for your organisation – read on to find out why we went through this process and what it means for our clients.

ISO 27001 Certification

Read More

From Chaos to Conformance: 4 Context of the organisation

Information security is all about context!

In my previous two articles in this series focused on developing an Information Security Management System (ISMS) based on ISO 27001:2013, I presented the common myths associated with the standard. In this article, I am going to provide an overview of the standard and section 4 Context of the organisation.

Read More