Posts tagged: #iso-27001

Article 32 names encryption and resilience but refuses to give you a checklist. Here is how regulators read it after a breach, and which ISO 27001 and CIS controls map to each clause.
A practitioner's view of the ISO 27001 Annex A to SOC 2 Trust Services Criteria mapping. The real overlap, the parts that don't map, and the evidence mistakes that cost you a second audit.