Send a text

We sit down with ISO auditor David Foreman to demystify ISO 27001, compare it with SOC 2, and unpack what auditors actually look for. We cover real breaches, the limits of compliance tools, the rise of 27701 and 42001, and how to win leadership buy-in.

• what an ISO certification body does and how audits work
• ISO 27001 governance plus controls vs SOC 2 opinions
• readiness and internal audit roles vs external certification
• why breaches accelerate third-party assurance demands
• scoping strategy and avoiding retrofit pitfalls
• platforms as helpers not replacements for ownership
• getting executive buy-in with clear pain and outcomes
• 27701’s privacy system and 42001’s AI management
• sectors driving demand: cloud, finance, healthcare, education, law
• partnership approach to deliver readiness and certification

Follow Mastermind on LinkedIn and email [email protected]

Thank You for Listening to the VRC Podcast!
Visit us at VanRein Compliance
You can Book a 15min Call with a Guide
Follow us on LinkedIn
Follow us on X
Follow us on Facebook