The Schellman Blog

If you own a cell phone, you likely know that Apple releases a new version of the iPhone virtually every year. But sometimes, the versions look so similar you wonder what the difference is between models and you have to go digging into the specs of each before you fork over your hard-earned dollars.

Introduction ISO/IEC 27001:2015 (ISO 27001) certification is becoming more of a conversation in most major businesses in the United States. To provide some depth, there was a 20% increase in ISO 27001 certificates maintained globally (comparing the numbers from 2014 to 2015 as noted in the recent ISO survey). As for North America, there was a 78% growth rate in ISO 27001 certificates maintained, compared to those in North America in 2014. So it is clear evidence that the compliance effort known as ISO 27001 is making its imprint on organizations in the United States. However, it’s just the beginning. Globally, there are 27,563 ISO 27001 certificates maintained, of which only 1247 are maintained in the United States; that is 4.5% of all ISO 27001 certificates.

On the television show Alone, contestants must self-document themselves attempting to survive in harsh terrain. Without established shelter, a consistent food supply, or any other humans in the remote area to help—it’s a heavy lift in every way even for the most seasoned survivalist.

Chances are, if you know anything about our space program, you know that when we send a manned mission beyond our atmosphere, those astronauts remain in constant communication with their fellows back at Mission Control.

As a holistic security standard that has become popular worldwide, ISO 27001 can help any organization seeking to prove their cybersecurity measures are sound while also providing a market differentiator among other gained advantages. But the comprehensive nature of the standard—and the heavy lift it requires—can also put off organizations considering it, especially those in sectors that have yet to really be affected, like law firms.

NOTE: Schellman has since updated and expanded this information in an article found here.

An ISO 27001 certification can help your business stand out. It lets your customers and potential customers know you care about and will protect their information. It can also help you streamline internal processes.

Have you ever wondered if the ISO 27001 certification is at all similar to a SOC 2 report? Many organizations today are dealing with multiple needs or demands for various compliance assessments or certifications. These organizations might wonder, “How can my ISO 27001 certification fit the needs for a SOC 2 report?” and vice versa. Below we have outlined the similarities and differences between an ISO 27001 certification and a SOC 2 examination.