Compliance Standards Library

ISO 27001

What is ISO 27001?

  • ISO 27001:2022 is the most current version of ISO 27001. It specifies the requirements for establishing, implementing, maintaining, and continually improving a privacy information management system (PIMS). The 2022 version includes improved and updated annex and clause language, 12 new controls, and modernized controls that merge controls from ISO 27001:2013 (the previous version). If you have questions about the current and prior (2013) versions, you can check out our facts article here.

Who should be ISO 27001 compliant?

  • Companies interested in formally certifying their privacy program against the international gold standard for privacy management.

What is the timeline for ISO 27001 compliance?

  • Preparation will likely take about 40 hours of prep time for each standard, plus 40 hours for compliance attestation.

What can Vanta automate?

  • Tests
  • Documents

Does ISO 27001 require a formal audit?

  • Yes