This list linked below is awesome. It doesn’t seem to be common knowledge on what it covers and how much (i.e., A LOT). Loving the clarity here. Fun fact: ISO tells you *what* to do but not *how* to do it for most items and that’s intentional. You define that for your business/use case. It’s …
![](https://cordata.co/wp-content/uploads/2020/05/iso-27001-compliance-steps.png)