ISO 27001
An international standard for information security management systems (ISMS), audited and certified by accredited bodies.
ISO 27001 certifies that an organization has a documented and operating security management system covering 93 controls grouped into 14 domains. It is common in European procurement and increasingly requested in U.S. enterprise deals as an alternative to SOC 2. Certification cycles run on a 3-year clock with annual surveillance audits. Some buyers accept ISO 27001 in lieu of SOC 2; large enterprises often want both.