ISO 27001 Certification vs. ISO 27001 Audit: What’s the Difference?

by Sarah Harvey / April 29th, 2020

Do you want to demonstrate your commitment to security to global business partners? An ISO 27001 report provides organizations with an evolving ISMS that can adapt to new challenges and validates your commitment to security. It can also help you prioritize your information security budget and resources based on risk, because ISO 27001 is customized for your environment and your specific risks. Undergoing an ISO 27001 audit is also a…

Choosing Between SOC 2 and ISO 27001 Audits

by Sarah Harvey / March 13th, 2020

So you’ve completed a SOC 2 audit, how prepared does that make you for an ISO 27001 audit? How do you know whether your organization needs a SOC 2 attestation or an ISO 27001 certification? For organizations working toward security compliance, deciding between these two audits depends on a few factors. While these audit frameworks are different in many ways, they also share some core similarities that make it difficult…

SOC 2 vs. ISO 27001: Which Audit Do You Need?

by Sarah Harvey / February 28th, 2019

SOC 2 and ISO 27001 audits are similar in intention; they both help organizations protect the data that they are responsible for. How are they different, though, and which one meets your organization’s needs? What is a SOC 2 Audit? A SOC 2 audit evaluates internal controls, policies, and procedures that directly relate to the AICPA’s Trust Services Criteria. This means that a SOC 2 audit report focuses on a…