HomeCompliance › ISO 27001

ISO 27001 compliance software, EU-built and audit-ready.

All 93 Annex A controls pre-loaded with descriptions, recommendations and review cadences. Read-only auditor view, white-label audit-trail PDF, evidence registers tied to every control. From €29 a month.

Open the portal See pricing

What is ISO 27001?

ISO/IEC 27001:2022. B2B SaaS companies, consultancies, financial services, healthcare and any organisation whose customers ask for an ISO 27001 certificate during procurement.

Who needs to comply

  • B2B SaaS companies whose customers require ISO 27001 in procurement
  • Managed-service providers (MSPs) and consultancies
  • Financial services and fintech preparing for DORA on top of ISO 27001
  • Healthcare organisations layering NEN 7510 onto ISO 27001

Key ISO 27001 controls covered by Dazr

A.5 Organisational37 controls covering policies, roles, supplier relationships, threat intelligence, incident response.
A.6 People8 controls on screening, terms of employment, awareness, disciplinary process.
A.7 Physical14 controls on perimeter, equipment, secure disposal, clear desk.
A.8 Technological34 controls on access control, cryptography, logging, vulnerability management, BCP-IT.

What auditors look for

A stage-1 audit is documentation review; stage-2 is evidence sampling. Dazr is built around stage-2: every control has a recurring task with an owner, evidence, and a permanent activity log entry on completion.

How Dazr helps with ISO 27001

  • Maintain the Statement of Applicability and link it inline from the portal
  • Run quarterly access reviews, annual management reviews and risk-treatment reviews on cadence with email reminders
  • Hold the risk register with likelihood-impact scoring and treatment plans
  • Operate the incident register with regulator-notification fields
  • Hand the auditor a read-only view for stage-2 sampling, or hand them a single-PDF audit trail

Back to the full Dazr Compliance overview › | Sign up free ›

ISO 27001 questions, answered.

How many controls does the platform cover?

All 93 Annex A controls in ISO 27001:2022, plus the Clause 4-10 management-system requirements (scope, leadership, planning, support, operation, performance evaluation, improvement). Each control has a description, recommendation and default review cadence.

Is this for stage-1 or stage-2?

Both. Stage-1 is documentation review; stage-2 is evidence sampling. Dazr is the system of record for both: the SoA, the risk register, the incident register and the activity log are linked from one place.

Does the platform replace my SoA?

No. The Statement of Applicability is your document; we link to it. The platform tracks the operating evidence behind every applicable control.

Will my external auditor accept evidence kept here?

Yes. Every action is timestamped with the responsible person; the activity log is append-only; the audit-trail PDF is signed off by the workspace owner.

Ready to start your ISO 27001 program?

Free for one user. Pro €29/mo and Enterprise €299/mo are self-serve via Mollie. Custom (from €800/mo) is the only tier on a contract.

Open the portal All frameworks