Product Updates

Integration of ISO 27001 & 27002 Frameworks into the Annual Wheel: Privacy - April 2024 🎖️

Written by Louise Skou | 30-Apr-2024 08:17:45

We've added ISO 27001 and ISO 27002 as frameworks in our annual wheel, making it easy to administer the guidelines by automating the work involved. By planning ISO activities throughout the year, you'll have evidence ready and available when it's time for certification by an auditing firm. This streamlined process keeps the work secure and manageable for both your organisation and those who audit you.

ISO 27001
Privacy Standard · Privacy Pro

ISO 27001 and ISO 27002 are two important standards in the field of information security management. ISO 27001 sets the requirements for an Information Security Management System (ISMS), providing a systematic approach to managing company information, ensuring its confidentiality, integrity, and availability (the CIA-triad). It's essentially a framework for establishing, implementing, maintaining, and continually improving information security within an organisation.

ISO 27002 
ISMS Standard · ISMS Pro

ISO 27002, on the other hand, offers further guidelines and best practices for implementing controls to address security requirements. It provides a comprehensive set of controls and accompanying guidance on their implementation, covering various aspects of information security such as asset management, access control, cryptography, and incident management.

Read more about what ISMS is & how to handle ISMS in our Privacy platform

Simplify your ISO documentation with our new framework

Our annual wheel now integrates the ISO 27001 and 27002 standards, streamlining your auditing process. You can quickly add ISO tasks to your annual wheel and so simplify your journey towards ISO certification. This lets you spread the collection of evidence and documentation across the year, so when the day of your audit arrives, everything is ready in your annual wheel, accessible to you and your auditor.

This is also useful for future audits, as tasks repeat every year. With evidence from the previous year already stored in the annual wheel, it's easy to see what needs to be done and presented this year as well. Simple!



Delve into the many features right here: Annual Wheel


4 ways it benefits your road to certification 

  1. Efficient Scheduling: When planning tasks for the year, conveniently schedule all relevant ISO-related activities from the default list. Each task is automatically assigned an ID number from the ISO standard.

  2. Evidence Accessibility: During audits, you won’t need to scramble for evidence. Just turn to your annual wheel, where meticulous records of all tasks from the current year and prior years are kept. This increases your assurance that tasks are executed thoroughly.

  3. No Missed Tasks: Say goodbye to forgotten security requirements. When you integrate ISO tasks into your annual wheel, important tasks won’t slip through the cracks. ISO documentation is managed within the task management system, where relevant employees receive timely notifications, keeping everything on track.

  4. Auditor-Friendly: Auditors gain a clear overview from your annual wheel. Furthermore, they can easily review and provide feedback if additional evidence is necessary.

In summary, this feature not only simplifies your workload but also enhances transparency for both you and the auditing firm.

Why use ISO standards?

These standards provide organisations with a strong framework and practical guidance to effectively manage and protect their information assets. By aligning with these standards, organisations can enhance security, mitigate risks, build trust with stakeholders and others, and demonstrate their commitment to information security best practices.

...Read more about the standard here: What is ISO 27001 Compliance?

New additions are coming up

Work is still ongoing on this framework, and soon we can present a new addition - related tasks! We are in the process of mapping various tasks in ISO 27001 and ISO 27002 to tasks in GDPR and NIS2, so you don't have to repeat evidence that overlaps. Stay tuned!

For now, we hope you will enjoy the new features 🎉

Get the full overview of these and all existing features here.