ISO 27001
The international standard for information security management systems (ISMS), specifying a framework of policies, controls, risk assessment, and continuous improvement for protecting information assets.
How it works
ISO 27001:2022 is the current revision of the international standard. It covers the documented information security management system: scope, leadership commitment, risk assessment and treatment, a statement of applicability against the Annex A controls, internal audit, management review, and continual improvement. Certification requires an accredited external body to audit the ISMS annually, with a recertification audit every three years. For UK enterprise procurement in finance, legal, healthcare, defence, and government, ISO 27001 is widely treated as a baseline expectation. Ayoob AI is ISO 27001:2022 certified, which matters for clients where procurement cannot approve a vendor without it.
Related terms
Cyber Essentials
A UK government-backed certification scheme covering five baseline technical security controls: boundary firewalls, secure configuration, user access control, malware protection, and patch management.
NHS DSPT (Data Security and Protection Toolkit)
The annual self-assessment NHS organisations and their suppliers must complete to demonstrate compliance with the data security standards required to handle NHS patient data and connect to NHS systems.
CCS Framework (Crown Commercial Service)
UK government procurement frameworks operated by the Crown Commercial Service, including RM6200 (AI Dynamic Purchasing System) and RM6173 (Automation Marketplace), which allow public-sector buyers to direct-award without re-tender.