The ISO Review Podcast

Jim

The ISO Review Podcast is a production of SimplifyISO. In each episode, we share the latest in international standards development, and the podcast is your resource for getting the most out of your management systems. Your podcast hosts are Howard Fox & Jim Moran. Howard is a Business Coach and Host of the Success InSight Podcast. Jim is an ISO Management System Professional, celebrating 30-plus years delivering ISO support.

  1. 50 Ways to Simplify Your ISO Management System - Part III

    4D AGO

    Welcome to another episode of the ISO Review Podcast, brought to you by Simplify ISO! In this installment, hosts Howard Fox and Jim Moran dive deeper into their ongoing series, "50 Ways to Simplify Your ISO Management System." With Jim Moran sharing wisdom from over 34 years in ISO support, the conversation unpacks practical tips for streamlining management systems—whether you’re tackling ISO 9001, 14001, 45001, or 27001. In this episode, you'll learn why replacing lengthy procedures with visual process maps, using checklists for repeatable tasks, and storing documents in a single location can make a world of difference in efficiency and clarity. Howard Fox and Jim Moran also spotlight common pitfalls like overly-complicated document numbering schemes and approvals bogged down by bureaucracy, offering straightforward alternatives to keep your ISO management system agile and user-friendly. If you’re ready to cut through the complexity and get more out of your management system, this episode is packed with actionable insights and real-world examples to help you simplify, improve, and enjoy the process. Let’s get started!

    DISCUSSION
    00:00 "Process Design and Good Enough"
    03:50 "Streamline Standards and Improvements"
    07:28 Visual Communication Over Text
    12:24 "Checklists Enhance Discipline and Audits"
    17:23 Streamlining Document Control Processes
    20:53 "Document Versioning and ISO Changes"
    22:48 "Control Documents by Ownership"
    27:05 "Design Systems to Match Workflow"
    30:05 Document Management Complexity Insights

    NEXT STEPS
    We appreciate your likes, comments, and shares.
    Click here to visit the SimplifyISO website.
    Click here to visit the International Management System Institute website and learn how to become a Certified ISO Management System Professional.
    Click here to learn about our new DIY ISO 9001 program using AI.
    Learn more about Jim on LinkedIn & YouTube.
    Learn about Howard's Coaching and Podcast Services on his website at https://foxcoaching.com or on LinkedIn at https://www.linkedin.com/in/foxcoachinginc/

    KEYWORDS
    Information Security Management System, ISO Review Podcast, SimplifyISO, Podcast

    35 min
  2. 50 Ways to Simplify Your ISO Management System - Part II

    FEB 17

    Welcome to another episode of the ISO Review Podcast, brought to you by Simplify ISO! In today’s show, Howard Fox sits down with ISO Management System veteran Jim Moran, who marks his incredible 34th year delivering ISO support. Together, they continue with Part II of their episode series, “50 Ways to Simplify Your ISO Management System.” This episode is packed with actionable advice—like documenting only what you use, harnessing the power of flowcharts and visuals instead of mountains of text, and resisting the urge to over-document for auditors. Jim Moran shares tips for using tech tools to track documents and automate reminders, and emphasizes why “good enough” documentation is often the smartest path. The hosts also highlight the importance of standardizing templates and empowering employees to improve processes, all while keeping things straightforward and user-friendly. Whether you’re new to ISO management or a seasoned pro, Howard Fox and Jim Moran will help you rethink documentation and process design so you can build a management system that truly works for your organization—not just for the auditors. Stay tuned for practical takeaways, links to resources, and a bit of espresso-fueled camaraderie.

    DISCUSSION
    00:00 Simplifying ISO Management Systems
    06:01 Flowchart First for Efficiency
    07:27 "Build Systems for Yourself"
    10:58 "Reminder System for Recertification"
    17:17 Ready, Fire, Aim Approach
    18:19 "Standardizing Systems for Efficiency"
    22:05 "Simple Systems Ensure Success"
    25:52 "Visual-First Process Documentation"

    NEXT STEPS
    Conformance1's free online Gap Checklists:
    ISO 9001 - https://conformance1.com/iso9001-gap-assessment-register/
    ISO 27001 - https://conformance1.com/iso-27001-gap-checklist-dashboard/

    KEYWORDS
    Information Security Management System, ISO Review Podcast, SimplifyISO, Podcast

    30 min
  3. 50 Ways to Simplify Your ISO Management System - Part I

    FEB 3

    Welcome to another episode of the ISO Review Podcast, brought to you by Simplify ISO! In today’s show, Howard Fox sits down with ISO Management System veteran Jim Moran, who marks his incredible 34th year delivering ISO support. Together, they kick off an exciting new series focused on “50 Ways to Simplify Your ISO Management System.” You’ll hear Jim Moran reflect on the evolution of ISO 9001—from its origins in 1987 to the latest 2015 version—and break down how documentation requirements have dramatically changed over time. He shares practical strategies for trimming unnecessary procedures, integrating multiple management systems, and building processes that actually work for your organization, not just your auditor. If you’re looking for actionable tips to make your ISO management system more efficient and less overwhelming, this episode is the perfect starting point. Let’s dive in and learn how a simpler, smarter approach can make all the difference.

    DISCUSSION
    00:00 Simplifying ISO Management Systems
    04:13 Integrated Management Systems Explained
    06:39 Taiichi Ohno's Lean Philosophy
    11:04 "Integrated Systems for Usability"
    13:28 "Evaluating Processes for Results"
    18:39 Streamlined Competence Tracking Solutions
    22:53 "Streamlined Tools for Everyday Use"
    25:37 "ISO Insights and Celebrations"

    KEYWORDS
    Information Security Management System, ISO Review Podcast, SimplifyISO, Podcast

    27 min
  4. ISO 27008: Preparing and Planning for IS Management System Assessments - Clauses 8.3 & 8.4

    JAN 20

    Welcome to the ISO Review Podcast! In this first episode of the New Year, hosts Howard Fox and ISO Management System professional Jim Moran dive into the guiding principles of ISO 27008, focusing on clauses 8.3 Conducting reviews and 8.4 Analysis and reporting results. Together, Howard Fox and Jim Moran unravel the best practices for conducting interviews, gathering and evaluating evidence, and ensuring your controls are truly effective. Whether you’re new to ISO standards or a seasoned professional, you’ll learn the keys to successful internal audits, tips for leveraging AI effectively and responsibly, and ways to keep your management system both simple and impactful.

    DISCUSSION
    00:00 "AI Guidance and New ISO Standards"
    05:39 "Reviewing Information Security Controls"
    07:57 "Assessing Control Effectiveness"
    11:27 Audit Evidence and Documentation Overview
    18:00 "Auditing for Risk Management Improvement"
    20:13 Cybersecurity Auditing and Compliance Standards
    25:59 Documentation and Risk Connection
    29:30 "AI Tools & Management Systems"

    KEYWORDS
    ISO 27008, Information Security Controls, Information Security Management System, ISO Review Podcast, SimplifyISO, Podcast

    32 min
  5. ISO 27008: Preparing and Planning for IS Management System Assessments - Clauses 8.1 & 8.2

    12/23/2025

    Welcome to the ISO Review Podcast! In this year-end episode, hosts Howard Fox and ISO Management System professional Jim Moran dive into the guiding principles of ISO 27008, focusing on clause 8—the heart of assessing controls for information security. This episode explores the importance of thorough preparations and tailored planning for control assessments, drawing on real-world experience and highlighting the necessity of clear communication, risk-based thinking, and evidence-based decision making. Whether you’re new to ISO 27008 or refining your organization’s approach, you’ll find actionable insights on preparing your team, setting objectives, and understanding the scope and criteria of your audit—all crucial for building confidence in your results.

    DISCUSSION
    00:00 "ISO Review Podcast Highlights"
    05:08 "Preparing for Effective Audits"
    09:45 Audit Preparation and Planning Tips
    12:43 Risk Management and Standards Compliance
    14:33 "Focused Audit and Control Reviews"
    22:03 "Information as an Asset"
    24:34 Flexible Review Process Extension
    30:12 Management Review and Documentation
    31:25 Purposeful, Clear, Evidence-Based Reviews

    KEYWORDS
    ISO 27008, Information Security Controls, Information Security Management System, ISO Review Podcast, SimplifyISO, Podcast

    38 min
  6. Assessing ISO 27001 Annex A Controls Using Practical Review Methods from Clause 7 in ISO 27008

    12/09/2025

    Welcome to another episode of the ISO Review Podcast, brought to you by Simplify ISO! In this installment, hosts Jim Moran and Howard Fox dive deep into Clause 7 of ISO 27008, unpacking practical review methods for assessing the effectiveness of Annex A controls under ISO 27001. Whether you're an internal auditor looking to sharpen your skills or someone new to information security management, this episode offers invaluable insights into process analysis, documentation reviews, interviews, technical testing, and more. Jim and Howard explore the importance of objectivity, consistency, and tailoring audit methods to an organization’s specific risks and needs. You’ll also hear real-world anecdotes and advice for building rapport, leveraging flowcharts, and achieving meaningful, repeatable assessments that truly protect your data—plus a preview of what’s next as they tee up the next episode’s focus on controlling assessment methods.

    DISCUSSION
    00:00 ISO 27001 Annex A Assessment
    05:15 "Objectivity and Repeatability in Auditing"
    10:30 "Evaluating and Improving Controls"
    14:25 "Streamlining Audits with Collaboration"
    17:26 Training Effectiveness Needs Review
    19:12 "Effective Auditing Methods"
    23:53 Auditing Controls: Skills and Risks
    27:07 AI Power Risks and Controls
    29:11 Control Verification: Avoiding Risk
    34:09 Advanced Testing Methods Overview
    38:05 ISO Podcast: Clause Reviews & Resources

    KEYWORDS
    ISO 27008, Information Security Controls, Information Security Management System, ISO Review Podcast, SimplifyISO, Podcast

    40 min
  7. Understanding ISO 27008: Effective Methods for Auditing Information Security Management Controls

    11/25/2025

    Welcome back to another episode of the ISO Review Podcast, brought to you by Simplify ISO! This week, Howard Fox and Jim Moran kick off a brand new series diving deep into the world of ISO/IEC 27008—the essential guidelines for assessing information security controls. In today’s episode, we set the stage by exploring the structure and background of ISO 27008, including its key sections and practical annexes for technical and cloud service assessments. Jim emphasizes the need for competent auditors, objective assessments, and documented improvements that drive real value for organizations—reminding us that having procedures is not enough; they must be properly implemented and continually improved. Whether you’re a newcomer to ISO management systems or a seasoned pro, this series is designed to help you make sense of technical control assessments, understand compliance requirements, and ensure you’re protecting client, supplier, and employee information with the highest standards. As always, you’ll find links to resources and ways to connect with Jim and Howard in the show notes. Grab your coffee, settle in, and get ready for a foundational look at information security management!

    DISCUSSION
    00:00 Understanding ISO 27008 Assessments
    05:58 "Information Security Control Overview"
    07:24 "Effective Implementation of Controls"
    12:39 "Ensuring Objective Audit Practices"
    16:40 Ensuring Effective Security Assessments
    18:10 ISO 27001 Implementation Insight
    21:45 Prioritizing Information Security Risk Mitigation
    25:56 Integrated Management System Audit
    31:04 "ISO Review Podcast Updates"

    KEYWORDS
    ISO 27008, Information Security Controls, Information Security Management System, ISO Review Podcast, SimplifyISO, Podcast

    32 min
  8. How to Assess Information Security Controls Using ISO 27008: Process, Scope, and Criteria

    11/04/2025

    Welcome back to another episode of the ISO Review Podcast, brought to you by Simplify ISO! This week, Jim Moran and Howard Fox dive deep into the essentials of assessing information security controls in line with ISO 27008. Building on last week’s introduction, Jim Moran shares his expertise, highlighting the critical steps in reviewing and auditing controls from Annex A of ISO 27001, gathering evidence, and ensuring objectivity through well-structured assessment methodologies. Whether you’re running a large organization or a small business, you’ll find practical tips for planning effective audits, resourcing your team, and leveraging checklists and flowcharts to enhance information security. Tune in for a comprehensive overview, actionable advice, and real-world examples designed to help you get the most out of your management systems and stay ahead in the ever-challenging world of information security.

    DISCUSSION
    00:00 Information Security Control Assessments
    05:00 "Assessment Tips and Tools"
    07:17 Checklist Methodology and Evidence Gathering
    12:38 Cybersecurity Auditing & Penetration Testing
    15:19 Privacy Compliance in Home Care
    18:33 ISO 27002 Training Importance
    23:24 Auditor Roles and System Strengthening
    24:58 Audit Purpose: Beyond Procedure Compliance
    29:33 "Linking Risk to Audit Results"
    33:09 ISO Podcast Episode Wrap-Up

    KEYWORDS
    ISO 27008, Information Security Controls, Information Security Management System, ISO Review Podcast, SimplifyISO, Podcast

    35 min
