
Data Security and Protection Toolkit (DSPT) 2025/2026 CAF
The new DSPT for 2025/2026 is now more closely aligned to the NCSC Cyber Assessment Framework (CAF). This means more outcome-based auditing, focused on how well organisations achieve the intended security and governance goals. Organisations are required to have an independent audit assessment against the agreed CAF-aligned DSPT audit framework. Dionach can provide these independent […]

From Policy to Practice: Penetration Testing for ISO 27001
ISO 27001:2022 is the international standard for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). While the standard does not explicitly mandate penetration testing, it remains a critical supporting activity for demonstrating technical assurance and verifying the effectiveness of security controls. By incorporating regular, scoped, and risk-aligned penetration testing into their […]

ISO 27001 & AI: Don’t Rebuild. Extend.
As organisations race to integrate AI for competitive advantage, we rarely see a lack of activity. Instead, we see a variation in strategy, often resulting in missed opportunities for efficiency. We tend to see businesses fall into one of three categories. First, there are those pushing for speed, deploying AI rapidly to gain an edge while viewing […]
