Canonical FrameworkCompliance & AuditCertification-oriented controls

ISO/IEC 27001

ISO/IEC 27001 ISMS control-mapping starter aligned to the 2022 Annex A control set, with references to ISO/IEC 27017 and 27018. It provides configurable gateway controls and evidence fields for relevant access, cryptography, supplier, incident, continuity, and personal-data topics.

This template is a configurable starting point and control mapping. It is not certification, legal advice, or a guarantee of compliance; validate it against your obligations and environment before use.

Regions

Global

References

4 references

Mapped Control Domains

8 mapped domains

Deployment

Regulated SaaS, Private Cloud

Referenced Frameworks, Standards & Obligations

ISO/IEC 27001:2022ISO/IEC 27002:2022ISO/IEC 27017:2015 (Cloud Security)ISO/IEC 27018:2025 (PII in Public Clouds)

Mapped Control Domains

Access Control
Audit Logging
Incident Response
Data Encryption
Vulnerability Management
Risk Management
Business Continuity
Supplier Management

Deployment profiles

Regulated SaaS
Private Cloud

Get started in 3 steps

1

Open the template

Open the catalog entry in the Keeptrusts console and review its included controls, references, and deployment metadata.

2

Adapt the configuration

Use the template as a starting point, then adjust relevant policies, thresholds, routing, and review settings for your requirements.

3

Validate before rollout

Test every outcome you configure—such as allow, redact, block, or operator review—before deploying through a supported gateway workflow.