Blog / iso 27001

ISO 27001 vs. ISO 27701: What's the difference? (security ISMS vs privacy PIMS)

ISO 27001 certifies your information security management system. ISO 27701 extends it for privacy (PIMS). Compare scope, controls, buyers, and when you need one or both.

ISO 42001 Vs ISO

ISO 42001 Vs ISO. ISO 27001 guide for security and GRC teams: controls, evidence, audit readiness, and continuous compliance with SecureSlate.

Mapping common criteria for SOC 2 and ISO 27001 compliance (reuse evidence, cut duplicate work)

SOC 2 trust criteria and ISO 27001 Annex A overlap significantly. Learn how to map common criteria, share evidence, and run both frameworks without doubling effort.

The ultimate guide to ISO 27017: cloud security controls and how they relate to ISO 27001

ISO/IEC 27017 adds cloud-specific security guidance on top of ISO 27001. Learn what 27017 covers, who needs it, and how it pairs with your ISMS and Annex A program.

The ultimate guide to ISO 27701: privacy extension to ISO 27001 (PIMS explained)

ISO/IEC 27701 extends ISO 27001 with privacy controls (PIMS). Learn what 27701 covers, how it relates to GDPR, and when to add it to your ISMS.

What is an information security management system (ISMS)? A practical explainer

An ISMS is the foundation of ISO 27001 certification. Learn what it includes, how clauses 4–10 work with Annex A controls, and how to build one that scales.

Your guide to the ISO 27001 Annex A controls (2022): themes, SoA, and evidence

ISO 27001 Annex A lists 93 controls in four themes. Learn how to select controls, document your Statement of Applicability, and collect audit-ready evidence.

ISO 27001 annual obligations: the complete checklist for surveillance audit readiness

ISO 27001 annual obligations: the complete checklist for surveillance audit readiness — ISO 27001 Annual Obligations Checklist For Surveillance Audits. ISO 27001…

The best ISO 27001 compliance software for 2026

Compare top ISO 27001 compliance software for 2026: SoA support, automated evidence, continuous monitoring, multi-framework reuse, and audit-ready workflows.

How CrowdComms and Henchman use ISO 27001 and SOC 2 together

Learn how CrowdComms and Henchman approached ISO 27001 and SOC 2 together, why they sequenced them the way they did, and how to reuse controls and evidence.