Your InfoSec Governance Operating System
Portal Login
Framework

ISO/IEC 27001:2013 – Information security management systems (ISMS)

International standard specifying requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS), including Annex A reference controls.

View sample proof pack Request a demo
Access controls
Roles, approvals, and audit trails
Scoped credentials
Least-privilege access where supported
Access logging
Export and sharing audit trails
Encryption
At rest and in transit

Summary

Framework mapping summary

Catalog entry
Type: Standard
Publisher: ISO/IEC
Versions: 1
Jurisdictions: Global
Coverage (representative version)
Requirements
148
Mapped controls
92
Evidence specs
215
Automation tests
15
Notes

Mapping of ISO/IEC 27001:2013 clauses (4–10) and Annex A controls (114) to AURORA controls.

Versions

Supported versions and coverage stats

Aurora's catalog can include multiple published versions of a standard or regulation. Select the version that matches your reviewer request.

2013
View source
Requirements
148
Mapped controls
92
Evidence specs
215
Automation tests
15

Exports

Framework mapping is only useful when it produces proof.

Aurora uses framework mappings to scope work, attach evidence, and export reviewer-ready deliverables.

Scope and control mapping
  • Map requirements to Aurora controls
  • Assign owners and approval gates
  • Keep decisions tied to exports
Evidence and freshness
  • Attach artifacts to controls and answers
  • Track capture dates and expiration
  • Export binder-ready folders with provenance
Reviewer-ready exports
  • Generate proof packs and binder exports
  • Produce point-in-time snapshots for assessment windows
  • Keep citations attached so reviewers can verify
Controlled sharing
  • Share curated artifacts through a Trust Center
  • Gate access with tier rules and agreements
  • Export access logs for audit trails

Next step

See how this maps to your next reviewer request

Use exports to align on scope
Start with the deliverable reviewers accept, then map backward to the controls and evidence you need.
Bring one request, get a plan
We will map the shortest path: required controls, evidence objects, integrations, and the export format reviewers expect.
Request a demo

FAQ

FAQ

Does this mean Aurora certifies us?
No. Aurora helps you map requirements to controls and export proof. Certification decisions remain with your auditors and certification bodies.
Can we run multiple frameworks in one system?
Yes. Aurora is designed for reusable control mapping and evidence so you can expand without redoing work.
Can we start without integrations?
Yes. Manual uploads and mapping work on day one, and you can add connectors on your schedule.
Next step
Want a proof pack for your framework?
View the export formats first, then we will map the shortest path to reviewer-ready proof.
View sample proof packRequest a demo
Have a deadline? Tell us. We can prioritize export-ready proof.