I’m currently trailing the use of your Conformio platform in our environment.
We are a managed service provider, offering hosting of specific financial consolidation platforms as IaaS through cloud providers (more specifically, ***).
I understand that ISO27001 documentation is very specific to a case organization, but I also believe a large part of the documentation to be … “standard”. If I were to remove the specific software platforms that we host and consult on, we are just another *** Provider. Do you have sample artefacts, such as risk registers or statements of applicability, that apply to organizations like that?