ESPROFILER IconESPROFILER
Capability ExchangeCapability Exchange
Platform
How it worksHow you onboardHow you operate
Services
All ServicesSecurity Reality AssessmentStrategic Consolidation
Use Cases
All
Resources
AllArticlesWebinarsEvents & ConferencesProduct Releases
AboutCareersStatus
Log InBook Demo
Back to changelog
2026-05-20
Changelog

ESProfiler now supports ISO/IEC 27001

From the first certification to the fifth surveillance audit, ESProfiler now maps your entire security stack to ISO/IEC 27001:2022 in minutes — gaps and overlaps included.

ISO 27001 is the closest thing security has to a universal handshake — every procurement team asks for it, every audit cycle resurfaces it, every enterprise contract references it. And every time it comes round, someone, somewhere is rebuilding the spreadsheet that maps it to their stack. As of today, ESProfiler customers don't have to. Map your entire security stack against ISO/IEC 27001:2022 in minutes.

What is ISO/IEC 27001?

Published jointly by ISO and IEC and most recently revised in October 2022, ISO/IEC 27001 is the international standard for Information Security Management Systems (ISMS). It's certifiable — meaning an accredited body can audit your controls and issue a certificate that customers, regulators, and procurement teams already know how to read.

The 2022 revision reorganised Annex A from 114 controls across 14 domains into a tighter set of 93 controls across four themes:

  • Organizational — 37 controls covering policy, governance, supplier relationships, and incident management

  • People — 8 controls focused on the human side: screening, training, remote work, NDAs

  • Physical — 14 controls for premises, equipment, and physical asset protection

  • Technological — 34 controls covering encryption, access control, secure development, and monitoring

The four-theme structure is far easier to assign ownership across than the old 14 domains — but moving an existing control mapping over to it is exactly the multi-week spreadsheet job most teams haven't enjoyed.

Why it matters for you

For security and compliance teams, ISO 27001 is the bridge between security work and business value. In practice that means:

  • A trust signal customers, partners, and regulators recognise instantly

  • A continuous improvement cycle (Plan-Do-Check-Act) baked into how you run security

  • A defensible baseline when an auditor, prospect, or insurer asks what "good" looks like

It's also the framework most likely to show up in your sales cycle, your insurance renewal, and your next M&A diligence pack — frequently all in the same quarter.

Map your stack in minutes — and see exactly where you stand

Mapping a security stack to a new framework by hand is usually a multi-week spreadsheet exercise. In ESProfiler, it isn't.

ISO/IEC 27001:2022 is now live alongside MITRE ATT&CK, MITRE F3, NIST CSF, the NIST AI RMF, and every other framework in the platform. Point ESProfiler at your existing tools and you'll see:

  • Coverage in minutes, not weeks — your stack mapped automatically across all 93 Annex A controls and the four themes

  • Gaps at a glance — the controls no tool in your environment addresses, surfaced and prioritised

  • Overlaps you're paying for twice — controls duplicated across vendors, ranked by spend

Whether you're prepping for your first certification or your fifth surveillance audit, the same engine cuts the mapping work from weeks to minutes.

Get started

If you're an existing customer, ISO/IEC 27001 is already live in your tenant — open the Frameworks view to start mapping.

If you're not, book a demo and we'll show you your ISO 27001 coverage gaps in the time it usually takes to schedule the kickoff meeting.

Ready to Optimize
Your Security Stack?

Talk to our team to see how ESPROFILER can help you gain full visibility and control over your security investments.

Book a Demo

Platform

  • Market Layer
  • Capability Layer
  • Commercial Layer
  • Tribal Layer
  • Architect Layer

Services

  • All Services
  • Security Reality Assessment
  • Strategic Consolidation

Company

  • About Us
  • Jobs
  • Resources
  • Changelog
  • Contact
ESPROFILER IconESPROFILERNCSC For Startups AlumniSupported By GoogletechUK Winner
© 2026 ESPROFILER. All rights reserved.
Policies & Terms