https://internalauditservice.com/resources Practical guides and audit insights on ISO 27001, ISO 42001, and ISO 9001 internal audits, drawn from real engagement work. en-us Risk and Response LLC audit@riskandresponse.com (Jonathan Major) audit@riskandresponse.com (Jonathan Major) internalauditservice.com https://internalauditservice.com/resources/ai-search-iso-27001-a5-34-a8-21 https://internalauditservice.com/resources/ai-search-iso-27001-a5-34-a8-21 Thu, 30 Apr 2026 00:00:00 GMT Jonathan Major ISO 27001 AI GEO AI search reshapes ISO 27001 A.5.34 (PII) and A.8.21 (network services). What auditors now look for, gaps we flag, and a working baseline. https://internalauditservice.com/resources/data-deletion-request-process https://internalauditservice.com/resources/data-deletion-request-process Wed, 29 Apr 2026 00:00:00 GMT Jonathan Major ISO 27001 Privacy GDPR ISO 27001 A.5.34 plus GDPR Article 17, what auditors look for, the gaps we flag in internal audits, and a working template for a defensible data deletion request process. https://internalauditservice.com/resources/threat-modeling-sdlc-iso-27001 https://internalauditservice.com/resources/threat-modeling-sdlc-iso-27001 Wed, 25 Mar 2026 00:00:00 GMT Jonathan Major ISO 27001 SDLC Threat Modeling Most SDLCs claim threat modeling. Most can't produce a single completed threat model on demand. What A.8.25 and A.8.26 require, the gaps we flag in audits, and a working template you can adopt in one sprint.