ISO compliance tells you almost nothing about the security of the product being developed, just about the processes in place at the company developing the product.
ISO compliance tells you almost nothing about the security of the product being developed, just about the processes in place at the company developing the product.
Yes thats why I also added SOC 2. I have gone through an ISO audit for our company so I know the process. The point is that these certifications are mostly a joke but you have to play the game to win "enterprise" deals.