ISO 27001 Compliance

Strengthen Information Security with ISO 27001 Compliance Solutions

ISO/IEC 27001 is the international standard for managing information security through an Information Security Management System (ISMS). Certification requires an organization to establish, operate and continually improve an ISMS that manages its information security risks, and to pass an audit by an accredited certification body.

ISO 27001

The International Standard for Information Security Management Systems

Voluntary, auditable, and certifiable

ISO/IEC 27001 defines an Information Security Management System (ISMS) that sets out how to design, implement, and maintain a comprehensive information security program. Annex A of the 2022 edition lists 93 controls organized into 4 themes (Organizational, People, Physical and Technological). Unlike many regulatory frameworks, it is voluntary. Because ISO is an international body, any organization worldwide can adopt ISO 27001, and those that implement it can be formally audited to demonstrate conformance with the standard. Cygna Labs is proud to hold an ISO 27001 certification.

NIST-aligned security controls reinforce ISO 27001

ISO/IEC 27001:2022 was published in October 2022 and replaces ISO/IEC 27001:2013; organizations certified against the 2013 edition had until 31 October 2025 to transition. The update addresses cloud adoption, remote work and evolving cyber threats, and the revised control set is more closely aligned with other risk-based frameworks such as NIST SP 800-53 and the NIST Cybersecurity Framework, as well as with regulatory requirements such as GDPR.

Addressed ISO 27001 Compliance Requirements

Most of the controls specified in ISO 27001 and addressed by Cygna Auditor are similar or identical to those in NIST Special Publication 800-53, the security control catalog that supports the Federal Information Security Management Act (FISMA) of 2002 and its 2014 modernization. NIST SP 800-53 covers a superset of the ISO 27001 controls: Revision 4 included a detailed cross-reference between the two in Appendix H, and for Revision 5 NIST publishes the mapping as a separate document. The list below highlights a sample of controls that Cygna Auditor satisfies.

The control identifiers below use the ISO/IEC 27001:2013 Annex A numbering (domains A.6 through A.18); the 2022 edition renumbers the controls into the four themes 5 through 8.

Organization of (internal) Information Security: 6.1.2, 6.1.5

Human Resource Security: 7.2.3, 7.3.1

Access Control: 9.2.1, 9.2.2, 9.2.3, 9.2.4, 9.2.5, 9.2.6, 9.3.1, 9.4.1, 9.4.2, 9.4.3

Operations Security: 12.1.2, 12.1.3, 12.4.1, 12.4.3, 12.7.1

Communications Security: 13.1.1, 13.1.3, 13.2.1, 13.2.3

System acquisition, development and maintenance: 14.2.2, 14.2.3

Supplier Relationships: 15.2.1

Information security incident management: 16.1.2, 16.1.4, 16.1.5, 16.1.7

Information security aspects of business continuity management: 17.1.2, 17.1.3

Compliance: 18.1.1, 18.1.3, 18.2.1, 18.2.3

Monitor Activity on Secured Systems

Cygna Auditor captures both successful and failed data access events, including file and folder creation, access, updates, and deletions, while providing full attribution of who performed each action and when.

Real-Time Notification of Sensitive Changes

Cygna Auditor provides built-in and customizable alerts that immediately notify you of critical security events, such as changes to privileged group membership.

Privileged Identity Activity Visualization

Cygna Auditor monitors all changes made by privileged identities to ensure compliance with regulatory and organizational policies and to prevent misuse of elevated access.
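As an added illustration, not code from Cygna Auditor or from this page, the following Python sketch shows the three kinds of rule the capabilities above describe, run over a constructed set of normalized audit events: an immediate alert on any addition to a privileged group (using the Windows Security event IDs 4728, 4732 and 4756, which record a member added to a security-enabled global, local or universal group), attribution of every access to a given file including failed attempts, and escalation of a burst of access-denied events by one actor. The event schema, field names, sample records, thresholds and the privileged-group list are assumptions made for this example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Groups whose membership changes warrant an immediate alert (assumption).
PRIVILEGED_GROUPS = {"Domain Admins", "Enterprise Admins", "Schema Admins", "Administrators"}
# Windows Security log: member added to a security-enabled global/local/universal group.
GROUP_ADD_EVENT_IDS = {4728, 4732, 4756}
# A burst of failed accesses by one actor inside this window is escalated (assumed thresholds).
FAILURE_BURST_COUNT = 3
FAILURE_BURST_WINDOW = timedelta(seconds=60)


@dataclass(frozen=True)
class Alert:
    severity: str
    rule: str
    actor: str
    time: str
    detail: str


# Constructed sample events in an assumed normalized schema: file accesses with a
# success/failure outcome, one deletion, and two group changes (one privileged, one not).
SAMPLE_EVENTS = [
    {"time": "2024-05-01T09:00:01", "kind": "file", "outcome": "success",
     "actor": "CORP\\jsmith", "action": "read", "object": "\\\\fs01\\finance\\q1-report.xlsx"},
    {"time": "2024-05-01T09:00:07", "kind": "file", "outcome": "failure",
     "actor": "CORP\\tlee", "action": "read", "object": "\\\\fs01\\finance\\payroll.xlsx"},
    {"time": "2024-05-01T09:00:19", "kind": "file", "outcome": "failure",
     "actor": "CORP\\tlee", "action": "read", "object": "\\\\fs01\\hr\\salaries.xlsx"},
    {"time": "2024-05-01T09:00:33", "kind": "file", "outcome": "failure",
     "actor": "CORP\\tlee", "action": "write", "object": "\\\\fs01\\hr\\salaries.xlsx"},
    {"time": "2024-05-01T09:02:10", "kind": "file", "outcome": "success",
     "actor": "CORP\\jsmith", "action": "delete", "object": "\\\\fs01\\finance\\q1-report.xlsx"},
    {"time": "2024-05-01T09:05:00", "kind": "group", "outcome": "success", "event_id": 4728,
     "actor": "CORP\\svc-helpdesk", "action": "member_added", "object": "Domain Admins",
     "member": "CORP\\tlee"},
    {"time": "2024-05-01T09:05:30", "kind": "group", "outcome": "success", "event_id": 4732,
     "actor": "CORP\\svc-helpdesk", "action": "member_added", "object": "Helpdesk Operators",
     "member": "CORP\\new-hire"},
]


def _ts(event):
    return datetime.fromisoformat(event["time"])


def privileged_group_alerts(events):
    """Rule 1: any addition to a privileged group is a high-severity alert."""
    return [
        Alert("high", "privileged-group-add", e["actor"], e["time"],
              f"{e['member']} added to {e['object']} (event {e['event_id']})")
        for e in events
        if e["kind"] == "group" and e.get("event_id") in GROUP_ADD_EVENT_IDS
        and e["object"] in PRIVILEGED_GROUPS
    ]


def deletion_alerts(events):
    """Rule 2: every successful deletion is surfaced with who did it and when."""
    return [
        Alert("medium", "file-deleted", e["actor"], e["time"], e["object"])
        for e in events
        if e["kind"] == "file" and e["action"] == "delete" and e["outcome"] == "success"
    ]


def failed_access_bursts(events):
    """Rule 3: FAILURE_BURST_COUNT or more failed accesses by one actor inside
    FAILURE_BURST_WINDOW. A single access-denied is noise; a burst is not."""
    failures = {}
    for e in events:
        if e["kind"] == "file" and e["outcome"] == "failure":
            failures.setdefault(e["actor"], []).append(e)
    alerts = []
    for actor, fails in failures.items():
        fails.sort(key=_ts)
        for i, first in enumerate(fails):
            window = [f for f in fails[i:] if _ts(f) - _ts(first) <= FAILURE_BURST_WINDOW]
            if len(window) >= FAILURE_BURST_COUNT:
                objects = sorted({f["object"] for f in window})
                alerts.append(Alert("medium", "failed-access-burst", actor, first["time"],
                                    f"{len(window)} denied attempts on {', '.join(objects)}"))
                break  # one alert per actor, anchored at the first failure of the burst
    return alerts


def detect(events):
    """Run all rules and return the alerts in chronological order."""
    alerts = privileged_group_alerts(events) + deletion_alerts(events) + failed_access_bursts(events)
    return sorted(alerts, key=lambda a: a.time)


def history_of(events, object_path):
    """Attribution: who did what to one object, and when, successes and failures alike."""
    return [(e["time"], e["actor"], e["action"], e["outcome"])
            for e in sorted(events, key=_ts)
            if e["kind"] == "file" and e["object"] == object_path]


if __name__ == "__main__":
    for a in detect(SAMPLE_EVENTS):
        print(f"{a.time} [{a.severity}] {a.rule}: {a.actor} - {a.detail}")
    for row in history_of(SAMPLE_EVENTS, "\\\\fs01\\finance\\q1-report.xlsx"):
        print(row)
```

On the sample data the helpdesk service account adding CORP\tlee to Domain Admins is the only high-severity alert; the addition to Helpdesk Operators is logged but not alerted, and the three access-denied events from CORP\tlee within 26 seconds are collapsed into one burst alert rather than three notifications.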

Meet ISO 27001 Compliance Requirements

Our experienced engineers will fine-tune the demo based on your specific needs. You’ll find out how easy it can be to secure your sensitive data.
