The Schellman Blog

Ever moved somewhere new? It’s a big life change, and of course, it’s important you pack all your belongings and get them moved to your new spot. But it’s not just your stuff that you need to account for—you’ll also be looking for a new local doctor to trust with your medical history, a new mechanic to trust with your car, etc.

According to a recent ISO survey, ISO/IEC 20000-1:2018 (ISO 20000-1) saw a 50% increase in worldwide certificates year over year. But when you think about ISO certifications, you likely think of the incredibly popular ISO 27001 standard or the new AI management standard, ISO 42001—not ISO 20000-1. So, why has the standard seemingly, suddenly shot to more prominence?

Today, after much anticipation, ISO announced that ISO/IEC 27001:2022 has officially been published. Ever since ISO/IEC 27002:2022 was published in February of this year, the industry has waited for this—that includes Schellman.

If your organization is pursuing ISO 27701 certification, you may face unforeseen challenges that can potentially slow down the entire process. Many times, they just crop up suddenly, derailing your hopes of providing privacy assurances to your customers (at least temporarily). As an ISO Certification Body, Schellman has performed countless 27701 certification assessments over the years, and our clients have encountered some of the same gaps many times over. Now, we want to help you avoid them.

Ever seen those jugglers that manage to balance multiple spinning plates at the same time? As impressive as it is, you figure you’d be happy to spin just the one plate successfully. For cloud service providers (CSPs), you have lots of different proverbial compliance “plates” to choose to channel your effort into—the trick is knowing the differences and which is best for you.

Famed baseball player and possessor of a great name, Yogi Berra, once said, “When you come to a fork in the road, take it.”

ISO certifications in general have become popular tools used to demonstrate an organization’s compliance with certain standards. While ISO 27001 itself can give your customers quite a lot of reassurance, there’s also something to be said about combining it with ISO 9001 certification.

The below blog, originally dated January 26, 2023, has now been updated as the cited IAF MD 26 was updated on February 15, 2023. IAF MD 26 Issue 2 resulted in the following main changes that are now also detailed further within this article (ordered in terms of importance)