ISO 27001 Compliance Alignment

Description

Aligns platform controls, logging, access management, and incident response capabilities with the ISO 27001 information security management standard. Provides evidence packs — audit logs, access review reports, and configuration snapshots — to support customer ISO 27001 certification audits.

Canonical use case

An enterprise undergoing ISO 27001 certification uses ExpertFlow's built-in audit logging and access control reports to satisfy Annex A.12 and A.9 controls without requiring additional third-party tooling.

Open Items

  • [ ] Canon alignment — populate canon_axiom_refs or confirm no existing axiom applies
  • [ ] Dependency assessment — set dependencies_assessed: true once SA has reviewed the full chain
  • [ ] effort_estimate — replace 0 with rough engineering days (order of magnitude)
  • [ ] public_description — write the public-facing description before publishing