Automate Your ISO 27001 compliance with Runecast

About ISO 27001 Compliance

ISO/IEC 27001 is an international standard that defines how to manage information security. It is a part of the wider ISO 27000 family of standards, which define an Information Security Management System (ISMS). According to it is one of the most popular security standards in the world.

There are 114 controls in 14 groups and 35 control categories; the 2005 standard had 133 controls in 11 groups.

  • A.5: Information security policies (2 controls)
  • A.6: Organization of information security (7 controls)
  • A.7: Human resource security - 6 controls that are applied before, during, or after employment
  • A.8: Asset management (10 controls)
  • A.9: Access control (14 controls)
  • A.10: Cryptography (2 controls)
  • A.11: Physical and environmental security (15 controls)
  • A.12: Operations security (14 controls)
  • A.13: Communications security (7 controls)
  • A.14: System acquisition, development, and maintenance (13 controls)
  • A.15: Supplier relationships (5 controls)
  • A.16: Information security incident management (7 controls)
  • A.17: Information security aspects of business continuity management (4 controls)
  • A.18: Compliance; with internal requirements, such as policies, and with external requirements, such as laws (8 controls)

The process of checking for compliance within your Azure, AWS and VMware environments can be arduous and costly, and any kind of manual checks are subject to human error, so it is important to automate as much as possible.

Dashboard showing compliance standard profiles

Runecast is a patented enterprise IT platform that provides IT ops and security teams one platform for configuration monitoring, vulnerability management, security compliance, remediation, upgrade planning and reporting.

  • Disruptive, patented solution that automates proactive analysis of logs, configuration drift, and security posture within your environment.
  • Simple, lightweight platform that is super-easy to deploy and operates securely on-premises (no data needs to leave your control) to provide you with remediation steps before any issues can lead to a PSOD or downtime.
  • Operational transparency and best practices alignment
  • Real-time configuration management, vulnerability scanning and security compliance audits
  • Freed up team resources (to work proactively on growth drivers)

How Runecast helps you to be audit-ready

Runecast automates the process of checking both VMware vSphere and native AWS public cloud resources for compliance against ISO 27001 – in total, over 260 cross-referenced checks. Each finding maps to a specific ISO 27001 control or set of controls, and as with all other standards covered within Runecast Analyzer, we show the details not only of all of the impacted objects, but also both the wording from the standard and a technical translation, as well as details of how to manually audit the finding and remediate any non-compliances.

With Runecast , you get year-round, 24/7 visibility into your audit compliance posture. It allows you to get immediate visibility into risks and non-compliances inherent in your environment, allowing you to identify gaps between where you are and a fully compliant state, and also show as soon as any objects move out of compliance.

The solution runs entirely on-premises, with no data leaving your control. All analysis takes place on the Runecast Analyzer appliance. Move to a more proactive way of handling your compliance requirements!

14-day free trial
Get Started Today
Be up and running in less than 15 minutes and see how Runecast empowers you and your team. Get your first compliance report now.
Start My Free Trial

“The best in its league”

Run it... you will be amazed by the findings. We always think that a lot of applications are secure by nature and by how they’ve been designed, but after deploying Runecast you really understand the gaps that you might have in your environment and it’s definitely an eye-opener.

BASIM AL LAWATI

Vice President - Infrastructure & Security at Oman Airports

Discover More Content

No items found.