In this episode of Lead the Standard, hosts Kelly Taylor and Jackie Stapleton dive into ISO 27001, exploring its relevancy and foundational concepts for beginners. They discuss ISO 27001 principles, risk management, the ISMS framework, Annex A controls, and the PDCA cycle. Jackie recounts her journey of writing about ISO 27001 from a beginner's perspective, questioning if one needs an IT background to understand and implement it. The episode also unveils an exciting announcement about upcoming ISO 27001 micro credentials and qualifications at ATOL. The conversation highlights the importance of exposure, continual improvement, and staying updated with legal and regulatory requirements in managing information security effectively.
00:00 Introduction to ISO 27001
00:26 Meet the Hosts and Episode Overview
01:48 The Beginner's Perspective on ISO 27001
03:47 The Importance of IT Experience
06:25 Foundational Knowledge and Poll Results
09:46 Information Security Principles
20:46 Risk Management in ISO 27001
30:19 Introduction to ISMS Framework
35:14 Understanding Annex A Controls
41:34 The PDCA Cycle in ISO 27001
47:09 Legal and Regulatory Requirements
55:00 Conclusion and Exciting Announcements
The links we promised
• Read the LTS Article: https://blog.auditortrainingonline.com/lead-the-standard/2025-05
• ATOL ISO 27001 Courses: https://auditortrainingonline.com/home/category/iso-27001-information-security
• Connect with Jackie:
o https://www.linkedin.com/in/jackiestapleton/
o https://jackiestapleton.com/
o Jackie's book is coming. Register for pre-sale now: https://jackiestapleton.myflodesk.com/leadthestandardbook
• Connect with Kelly: https://www.linkedin.com/in/kellytaylor-au/
DISCLAIMER: This podcast is intended for general guidance and informational purposes only. The views and opinions expressed by the hosts, co-hosts, guests, and contributors are their own and do not necessarily reflect those of Auditor Training Online (ATOL) or its affiliated entities.
While every effort is made to ensure the accuracy and currency of the information shared, including references to ISO standards and related clauses, this content should not be considered definitive legal, regulatory, or professional advice. Listeners should always consult with a qualified professional for advice tailored to their specific business context or compliance obligations.
Unless otherwise stated, all information relating to ISO standards, including clause references and revision details, is based on the version of the standard current at the time of recording and publication. As standards are periodically reviewed and updated, we encourage listeners to confirm the latest version applicable to their needs.
ATOL does not accept any liability for reliance on the information presented in this podcast. Content may be updated, removed, or corrected without notice.
© Auditor Training Online Pty Ltd 2025. All Rights Reserved | www.auditortrainingonline.com