Is ISO different from SOC?

A useful comparison between ISO/IEC 27001 and SOC.

A useful orientation article from ImmuniWeb. ISO/IEC 27001 is a global standard designed to establish, maintain and continuously improve a corporate Information Security Management System (ISMS) to protect corporate data in a holistic manner. It is jointly developed and maintained by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

Service Organization Control (SOC), designed and maintained by the American Institute of Certified Public Accountants (AICPA), is not a certification but rather a set of interrelated auditing reports validating proper implementation of internal controls by service companies.
