Hi, In this list https://advisera.com/27001academy/01academy/emy/ademy/my/knowledgebase/laws-regulations-information-security-business-continuity/
for France and the European Union, there are mainly regulations regarding personal data protection. In my understanding, ISO27001 requires to list all the regulations that apply to the business of the company seeking the ISO certification, which would be much wider.
For example, our company provides a billing software. I would have listed all french regulations related to billing and not only data protection. Is my interpretation of the norm too wide ?