Build and operate your ISO 27001 ISMS systematically
All requirements of ISO/IEC 27001 in one integrated platform - from gap analysis to certification readiness.
Official name: ISO/IEC 27001:2022 - Information Security Management Systems
The Challenge
ISO 27001 requires a comprehensive information security management system with documented risk assessments, treatment plans and regular reviews. Managing 93 Annex A controls, tracking implementation measures and preparing for certification audits demand structured processes that are nearly impossible to manage efficiently with manual tools.
Our Solution
Aldric supports the entire ISMS lifecycle: from initial risk assessment through control implementation to ongoing monitoring. TOM management, business continuity and policy management work seamlessly together to create audit-ready documentation.
Key Regulations
Clause 6 - Planning (Risk Management)
Requirements for identifying, assessing and treating information security risks.
Clause 7 - Support (Resources & Awareness)
Ensuring resources, competence, awareness and documented information.
Clause 8 - Operation (Risk Treatment)
Implementation of planned risk treatment measures and achievement of security objectives.
Annex A - 93 Controls in Four Categories
Reference catalog with organizational, people, physical and technological controls.
Supported Modules
ISMS Controls (Annex A)
Manage all 93 controls from ISO 27001:2022 Annex A with implementation status, responsibilities and evidence.
Risk Assessment & Treatment
Conduct structured risk assessments and link identified risks to concrete treatment measures.
Statement of Applicability (SoA)
Create and maintain your SoA with justifications for included and excluded controls.
TOM Documentation
Document technical and organizational measures and map them to the relevant controls.
Audit Preparation
Monitor the implementation status of all controls and identify gaps before the certification audit.
Your Path to Compliance
1. Gap analysis
Assess the current state of your information security and identify deviations from the standard.
2. Risk assessment
Systematically evaluate information security risks and prioritize actions.
3. Implement controls
Implement selected Annex A controls and document the measures taken.
4. Policies & training
Create ISMS policies and train your employees on information security.
5. Monitor & improve
Use dashboards for ongoing monitoring and prepare internal audits.
Frequently Asked Questions
What is the difference between ISO 27001 and ISO 27002?
ISO 27001 defines the requirements for an ISMS and is the certifiable standard. ISO 27002 provides guidance for implementing Annex A controls with detailed recommendations. Aldric supports both standards.
How long does it take to prepare for ISO 27001 certification?
Preparation time depends on company size and maturity level. With structured support from Aldric, you can build the key foundations within a few months.
Does Aldric support the ISO 27001:2022 version?
Yes, Aldric maps the current ISO 27001:2022 with the newly structured 93 controls in four categories (organizational, people, physical, technological).
Can I implement ISO 27001 and GDPR in parallel?
Yes, many requirements overlap. Aldric enables parallel implementation of both standards and highlights synergies between ISMS controls and GDPR requirements.
How does the software help with internal audits?
Aldric provides an overview of the implementation status of all controls, documents deviations and supports the tracking of corrective actions.
Related Modules
ISMS / ISO 27001 Controls
Implement and monitor your information security management system.
Technical & Organizational Measures
Manage and document your TOMs according to Art. 32 GDPR and ISO 27001.
Business Continuity Management
Plan and test your business continuity and emergency processes.
Policies & Training
Create, distribute and track compliance policies and employee training.
Incident & Breach Management
Detect, report and document data breaches within the 72-hour deadline.
Ready for Efficient Compliance Management?
Start with a free demo and discover how Aldric simplifies your compliance processes.