PECB University and Crest Advisory Africa – Informative Session

Discover how we’re revolutionizing Executive MBA Programs! Our CEO, Nico Snyman, teamed up with PECB University to introduce students to their program, while sharing his expertise in Corporate Governance, Risk Management, Business Continuity Management, and Internal Audit. Plus, students get hands-on experience with Harvard Business Publishing Education’s case studies and simulations!

BIA – How to Structure the Resource Analysis for a Business Impact Analysis

Introduction: One of the processes within the Business Continuity Management System (BCMS) is the development of a Business Impact Analysis. I have experienced several companies that are struggling with this process and this concept. In this article, I will explain the structure of one of the sections within the BIA process. This structure is analysing […]

The ERM Risk Matrix: Modelling Fault

Introduction: Enterprise Risk Management (ERM) describes a Risk Matrix (ERM Risk Matrix) as a tool for ranking and displaying risks by defining ranges for consequence and likelihood. This is a very easy concept if one knows how to develop matrices, and this is where the catch is. Over the 35 years, where I have […]

Business Continuity: From a Best Practice to a Priority Objective

The COVID-19 pandemic has changed the global business environment. During various global implementation practices for managing the pandemic, we were the audience to experience various lockdown regulations, businesses who had to make difficult decisions regarding cash flow, retrenchment of staff, placing of people on furlough and in severe circumstances, the closing down of businesses, etc. Some […]

Corruption, Corruption, Bribery, Bribery: The Non Violent Killer of a Society

COVID 19 has brought about hardship for millions of people across the world. In an article I wrote for the PECB for their PECB Insights Magazine, I have addressed Business Continuity, Risk Bearing Capacity (RBC) and Cloud Security. Today I am going to address Bribery and Corruption. These two issues are dear to my heart, […]

International Medical Devices Industry: FDA to Transition to ISO 13485


The U.S. Food and Drug Administration has announced that it will transition to ISO 13485:2016 after conducting a comparative analysis between the latter and the current Quality System Regulation (QSR). In an official update from the FDA in December 2018, the reasons for and benefits of implementing ISO 13485 as the benchmark for quality management system […]

A Beginner’s Guide to Network Segregation

Information Security Management: Network segregation is the tool used for dividing a network into smaller parts which are called subnetworks or network segments. You can think of it as the division of rooms when constructing a new house. The most important things to spend time thinking about in this case are the spacing and positioning […]

Data Controller VS. Data Processor and ISO/IEC 27701

Information Security Management: The popularity of the terms “data controller” and “data processor” has sharply increased in recent years, in part because of the significant increase of data breach scandals from tech giants, and in part because of the unprecedented media attention given to the enactment of data privacy regimes (such as the EU General […]

ISO 21500 Guidance on Project Management

Originally sourced from: ISO 21500. ISO 21500 provides guidance and high-level descriptions of concepts and processes that are considered important in project management and that are important for, and have impact on, the performance of projects. Introduction: Project management provides a framework to help accomplish business goals. Even though it is often underestimated, project management […]

ISO 31000:2018-Risk Management Guidelines

The ability to predict what the future holds and choosing effectively among varying alternatives lies at the centre of contemporary societies and organizations. Risk management guidelines can help us navigate over a broad range of decision-making processes, from making investment decisions to safeguarding our health, from waging war to planning families, from paying insurance premiums […]

ISO/IEC 27001 Certification Provides the Concrete Benefits

Introduction: Corporate data breach reports constantly hit new headlines, which serve to remind us that nowadays our information is unsecured more than it’s ever been before. In 2015, data breaches, cybercrimes, and hacking were top business issues that garnered much media attention and compromised the integrity of many companies. According to research, no industry – […]

ISO 22000 – What the Future Holds for Food Safety

“Food Safety” refers to the prevention, elimination and control of foodborne diseases at the stage of consumption. In a globalized world, the impact of food safety hazards and foodborne diseases on customers’ health and well-being has raised many questions: Is the food that we eat safe? How can we ensure food safety? One thing is […]

Building a Successful Recruitment Plan with Crest Advisory Africa

Hiring the right employees for your business is important no matter what kind of work you’re in. Having quality employees will help your company run and grow. However, it can be a daunting task to recruit and keep top talent. Reviewing resumes and browsing profiles is only part of the job. Hiring managers need to […]

Return on Investment (ROI) Using Plan-Do-Check-Act (PDCA) Methodology

Introduction: Crest Advisory Africa Pty Ltd (hereafter CAA) is a Global Management System Consultancy working with diverse entities, whether private or public, to improve and grow the business we are working with to at least have a 33% to a maximum of 200% increase on their profitability. CAA’s blueprint in changing businesses around is based […]

Reduce the Risk of Project Failure with ISO 21500 Project Management

Project management is an inseparable part of organizations in today’s fast-changing global economy. Its practices began a century ago, but it became an essential factor of successful organizations only in the past few decades. Managing projects efficiently is crucial for organizations that want to overcome obstacles and achieve their goals and objectives. According to ISO 21500, […]

How can Six Sigma Benefit your Organization?

Six Sigma Benefits: Reducing Waste; Improving Time Management; Increase Customer Loyalty; Boost Employee Motivation; Higher Revenues and Lower Costs. Six Sigma has proven to be a very successful tool for organizations seeking to identify problems, remove roots of errors or failures, and improve their business processes. Since its conception in 1986 by Motorola Company, Six Sigma has […]

ISO 50001: A Perfect Match for Energy Efficiency

As the threat of energy-resource depletion has emerged, the global demand for energy is increasing constantly. Provided that billions of people still have no access to electricity, more energy will be needed in the future to improve the living standard by constructing industrial, commercial and transportation infrastructure. With this future looming, it is of utmost […]

Essential Key For Data Protection: ISO 27001

Is your Business protected against a breach of data and software? Are you Internationally Certified to be able to prevent hackers from stealing your organization’s valuable data? Businesses understand the importance of security. They lock their doors, install alarms, and hire security guards. Unfortunately, too many of them don’t give their data security the same […]

How to Apply Proper Risk Management Methodology on Information Security?

Risk in its negative sense might be defined as an undesired consequence that may or may not occur as a result of a specific outcome we want to achieve. In short, it is the effect of uncertainty on objectives, as defined in ISO 31000. Many organizations are exposed to […]

Benefits of Implementing ISO 37001 in an Organization

Bribery refers to any offer, giving, accepting or promising advantage with any value or bribe in order to influence the decision, action or judgement of persons in charge of duty. Any individual or organization that is involved in bribery means that they have accepted or given something with the intention of influencing the recipient in […]

Key Steps for an Effective ISO 27001 Risk Assessment and Treatment

In view of the developments that have occurred in the processing, storage and sharing of information, security has become an important aspect of an organization. It has become more imperative for an organization to understand the various threats and risks facing them as they seek to protect their information. The rapid development of new technologies […]

Online Learning | Beyond the Classroom

The education industry has gone through tremendous changes over the last decades in terms of educational opportunities, teaching methods, availability of reading materials, etc. With the advancements in technology and availability of the Internet, there has been a shift from in class to online learning. This shift was accompanied by the necessity to standardize the […]

Profit, People & Planet with ISO 20121

The Three P(’s)illars of Sustainability: The concept of the “triple bottom line” was first introduced in 1994 by John Elkington, with the idea of organizations preparing three different bottom lines in order to measure their financial, social and environmental performance. The first bottom line stands for the traditional measure of corporate profit, specifically for the profit […]

Marriott’s 500 Million Data Breach Scandal

A politically inclined attack or just a ‘simple’ lack of security awareness? Whatever the case, the cyber-attack that hit Marriott was huge. This was the joint second largest data breach to take place, after Yahoo in 2013 and Equifax in 2017. A cyber attacker stole personal information including names, emails, addresses, passport numbers, and credit card information […]