I asked perplexity AI if iso 27001 was needed if we were in business.
It came back with this:
ISO 27001 certification is a globally recognized data security protocol that helps organizations ensure the security of information and data. Obtaining an ISO 27001 certification can help an organization prove its security practices to potential customers worldwide. ISO 27001 compliance offers a win-win-win situation: it benefits the organization, its staff, and its customers in various ways. The ISO 27001 certification benefits for a business include positioning it as a stronger competitor so it can win more customers, protection for its intellectual property, brand, and professional reputation, retaining more of its customers, time savings and cost savings due to having more efficient processes. ISO 27001 certification also helps to identify security gaps and vulnerabilities, protect data, avoid costly security breaches, and improve cyber resilience. Therefore, ISO 27001 certification is highly recommended for businesses that handle sensitive information and data.
We are currently transitioning from the 2013 standard to the new 2022 standard.
The changes are extensive and it is not a breeze.
If you are considering ISO 27001 or indeed you need it (Many businesses now insist on ISO 27001 from suppliers)
Give us a call and we can share the pain :).
By the way the AI is on https://www.perplexity.ai/