Information Security Management

ISO 27001  – Get compliant CLICK

Let’s look at the argument for implementation of the standard 

Running a business has a different level of risk now as compared to ten years ago and minimizing those risks have a lot to do with having a robust information security management system in place to support the management system.

The calm before the storm. You now have the General Data Protection Regulations, coming into force in the UK and the rest of Europe, the cyber threat landscape is becoming increasingly hostile and hazardous now.  In the midst of all that, businesses, small and large, are facing the growing threat of cyber-attacks that can impact a business in more ways than one, including:

  • Loss of customer trust,
  • Negatively impact the brand,
  • Causing material financial damage to the bottom line.
  • So you take the initiative and protect your business from the biggest facing companies now  – Cyber Crime 

You have to take ISO 27001 seriously now 

Companies that are awarded ISO 27001:2013 certification can claim that they:

  • Are taking appropriate control measures to protect confidential and privileged information.
  • Are following international best practices to mitigate cyber threats and have cyber incident response and management processes to respond to cyber attacks.
  • Have established a formal information risk management process and a functioning ISMS or Information Security Risk Management System.
  • Assuring customers and regulators that the business takes cyber security risks seriously.
  • Protecting and enhancing your brand reputation. 
  • Satisfying audit requirements by internal teams, customers and or regulators.  
  • Possibly realising financial savings in the long run (reduce expenditure on technology incidents, regulatory fines and non-compliance).

Think about this for one minute

Some of the biggest internal threats to a business ten years ago were things like stealing a little bit of intellectual property, rebranding it and taking it to the next company you end up working. 

Fast forward back to 2019 and you are one click away from infecting your entire IT infrastructure or leaving yourself exposed (under GDPR laws) to seriously large fines.

If you manage the risks involved and keep ahead of the curve you will not be one of these company that ends up being dissolved within two year. Stability and growth is what you will be looking at, as the competition fades away, you get stronger and become more profitable.

By Robert Burrus

The Benefits of PESTLE Analysis for Business Progression


The power of PESTLE Analysis

Business Strategy (PESTLE) – CLICK

PEST analysis (“Political, Economic, Social and Technological analysis”) describes a framework of macro-environmental factors used in the environmental scanning component of strategic management.

A more extended variant of PEST analysis, namely PESTLE, is also often used, which includes two more factors, Legal and Environmental, and is particularly popular in the United Kingdom (other variants include even more factors like Ethics, Demographic and Military; e.g. STEEPLED & STEMPLE).

PESTLE analysis concept is usually used as a tool by companies to track the environment they’re operating in, and in circumstances such as when they planning to launch a new project, product, service, etc.  The underlying analysis factors embedded in this methodology, as represented by the letters forming the word PESTLE, are described below:


Political factors

These factors determine the extent to which a government may influence the economy or a certain industry. [For example] a government may impose a new tax or duty due to which entire revenue generating structures of organizations might change. Political factors include tax policies, Fiscal policy, trade tariffs etc. that a government may levy around the fiscal year and it may affect the business environment (economic environment) to a great extent.

Economic factors

These factors are determinants of an economy’s performance that directly impacts a company and have resonating long-term effects. [For example] a rise in the inflation rate of any economy would affect the way companies’ price their products and services. Adding to that, it would affect the purchasing power of a consumer and change demand/supply models for that economy. Economic factors include inflation rate, interest rates, foreign exchange rates, economic growth patterns etc. It also accounts for the FDI (foreign direct investment) depending on certain specific industries who’re undergoing this analysis.

 Social factors

These factors scrutinize the social environment of the market, and gauge determinants like cultural trends, demographics, population analytics etc. An example for this can be buying trends for Western countries like the US where there is high demand during the Holiday season.

Technological factors 

These factors pertain to innovations in technology that may affect the operations of the industry and the market, either favorably or unfavorably. This refers to automation, research and development and the amount of technological awareness that a market possesses.

Legal factors

These factors have both external and internal sides. There are certain laws that affect the business environment in a certain country while there are certain policies that companies maintain for themselves. Legal analysis takes into account both of these angles and then charts out the strategies in light of these legislations. For example, consumer laws, safety standards, labor laws etc.

Environmental factors

Environmental factors include infrastructure, cyclical weather, disposal of materials, energy availability and cost, and the ecological consequences of production processes

How to Understand Pest Factors 


Political factors

  • Political factors include government tax policies and regulation, it may increase tax rate in a State and Country that may affect business.
  • Government laws on competition in the marketplace is another political factor i.e. provide incentives to growing businesses and cut down incentives to regular business like yours.
  • Is there any expected Elections on State and National Level and how it shifts government policies?
  • Who are the upcoming contenders for power? What is their agenda on Business policy and regulation?
  • What is the current and impending legislative changes
  • What are the other political factors and when they might change


Economic Factors

  • What is the current disposable income of customer and how it can change it the upcoming years
  • Currently, the economy is stable or not. It is growing economy, declining and stagnating economy
  • Whether the exchange rate is stable or not. What is the tendency of fluctuation?
  • What is the prevailing criteria of credit availability, how the credit criteria affect the business
  • What the prevailing unemployment rate? Will it be easy to hire the desired staff required?
  • You can consider many other factors according to the environment.


Social Factors

  • Do you know about overall population, there is a growth or contraction in the population where you are operating?
  • Know about social attitudes that might affect your business. Are there any noticeable socio-cultural changes in the environment?
  • What is the level of education and health in the society you are operating? Are there any changes in this external environment factors and how it affects you?
  • What are the religious beliefs and how it affects your business environment
  • What is the trend in overall society habits about saving, investments and spending?
  • Do you know any other social factors that might affect your business?


Technological Factors

  • Are there any innovative technologies your business could use?
  • If you access new technology, how it benefits you by redefining your product or cut costs etc?
  • How changing technology affect your customer base?
  • What technologies your competitor is using that positively affect their products and services?
  • What other technological factors you should consider?


How to Identify Opportunities

After all your Environmental Analysis what changes you have identified that are positive for your business environment. In the second step closely observe each change. How you can use these changes as opportunities that may redefine your product, increase customer base and cut costs. This will help you to enter new markets and expand your business.


How to Identify threats

You identified all those changes that affect your business positively. But on the other hand, some changes can also undermine your business. Once you understand the impact of changes (threats), you can avoid the issues or minimize the risk associated with these threats. For example, you noticed that innovative technology can cut costs, you can adapt to this change and can compete in a better manner.

Take Action

You have already identified opportunities and threats. Now its action time by taking advantage of identified opportunities and make them an integral part of your business plan. Apart from this, also consider identified threats and take necessary measures to minimize the intensity of associated risk.

If you want to better know the external marketing environment of your business, you must perform pest analysis by following this step by step process on regular basis.


Robert Burrus


Certified Associate in Project Management –  CA
Risk Management Professional –  PMI
Advanced Diploma in Risk Management
Certified Information Security Manager / Auditor – CISM – CISA
Diploma in Security Risk Management
MBA Project Management
Mechanical Engineering Degree – BEng (Hons)
Project Management Professional  – PMP
Prince2 Practitioner
Certified Scrum Master (CSM) Project Management

Diploma Conflict Management

Diploma IT Security