What is the Cyber Resilience Act – CRA The Cyber Resilience Act is the first European regulation to set a mandatory minimum level of cyber security for all connected products available on the EU market – something that did not exist before. The CRA is a regulation from the European Union — formally Regulation (EU) 2024/2847 […]
This is a a developer focused guide in three parts to evolving code, architecture, and processes with the purpose of turning a raw concept into a usable product. This process is one of the hardest parts of software development. Teams often jump into implementation too early, or they build something polished before testing whether the […]
We continue the series of 3 articles with the second one, about the Minimum Viable Product (MVP). Here is the first article in the series, From Idea to Proof of Concept to MVP: The Idea stage (1/3) and the second article, the From Idea to Proof of Concept to MVP: The POC stage (2/3) . 3. […]
We continue the series of 3 articles with the second one, about the Proof of Concept (POC). Here is the first article in the series, From Idea to Proof of Concept to MVP: The Idea stage (1/3) . 2. The Proof of Concept (POC) The POC is where the team tests a specific risky assumption […]
This is a a developer focused guide in three parts to evolving code, architecture, and processes with the purpose of turning a raw concept into a usable product. This process is one of the hardest parts of software development. Teams often jump into implementation too early, or they build something polished before testing whether the […]
If you work in software development, you are most probably using one of the well known Agile methodologies like Scrum, Kanban or Scrumban. But if you are using one of them, for example Scrum, and you feel that you need so When a software team considers moving from Scrum to Kanban or Scrumban, the biggest […]
Agile software development, particularly using Scrum, has revolutionized the way software is built and delivered. At its core, Agile embraces iterative and incremental development, a stark contrast to traditional “waterfall” methodologies. The primary objective is to deliver working software frequently and in small increments, ensuring continuous feedback, adaptability, and rapid value delivery. However, we know […]
Note: This post is written with a lot of help from AI, used to summarize the standards mentioned below. Artificial intelligence (AI) is reshaping industries, but it also brings new risks. From security vulnerabilities to compliance challenges, organizations must balance innovation with responsibility. New standards were created and newer are emerging to guide this […]
Ever wondered what the differences between these terms are? We use them in GRC very often, but we rarely think what they mean. This creates in time some stretching of these concepts, meaning that their meanings overlap to a certain degree. A Policy is a high-level, mandatory statement of principles and intent. A Standard […]
I wrote ages ago this article, where I compared briefly the Annex A in the two versions of the standard: https://www.sorinmustaca.com/annex-a-of-iso-27001-2022-explained/ But, I feel that there is still need to detail a bit the changes, especially that now more and more business are forced to re-audit for the newer standard. Overview of Annex A […]
You must be logged in to post a comment.