arduino · jcarolinares · Sep 4, 2024 · Aug 27, 2024 · Sep 3, 2024
diff --git a/...iness/01.iso27001/assets/ISOIEC-27001.pdf → .../01.iso27001/assets/ISOIEC-27001-2022.pdf b/...iness/01.iso27001/assets/ISOIEC-27001.pdf → .../01.iso27001/assets/ISOIEC-27001-2022.pdf
diff --git a/content/arduino-cloud/09.business/01.iso27001/iso27001.md b/content/arduino-cloud/09.business/01.iso27001/iso27001.md
@@ -10,15 +10,16 @@ author: 'Arduino Security Team'
 ***For any questions regarding security, contact the [Arduino Security Team](mailto:[email protected]).***  
 
 
-![Arduino Cloud services are officially certified for ISO/IEC 27001:2013 (ISO 27001)](./assets/infosec.png)
+![Arduino Cloud services are officially certified for ISO/IEC 27001:2012 (ISO 27001)](./assets/infosec.png)
 
-[ISO 27001](https://www.iso.org/isoiec-27001-information-security.html) is an internationally recognized standard that provides a framework for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). The standard sets out the requirements for managing information security risks and protecting sensitive information within an organization. ISO 27001 takes a systematic and risk-based approach to ensure the confidentiality, integrity, and availability of information assets.
+[ISO 27001](https://www.iso.org/isoiec-27001-information-security.html) is an internationally recognized standard that provides a framework for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). The standard outlines the requirements for managing information security risks and protecting sensitive information within an organization. ISO 27001 takes a systematic and risk-based approach to ensure information assets' confidentiality, integrity, and availability.
 
-The standard encompasses a comprehensive set of controls and best practices for managing information security. It covers various aspects, including risk assessment and treatment, security policies, organizational roles and responsibilities, asset management, access control, cryptography, incident management, business continuity, and compliance. 
+The standard encompasses comprehensive controls and best practices for managing information security. It addresses various aspects, including risk assessment and treatment, security policies, organizational roles and responsibilities, asset management, access control, cryptography, incident management, business continuity, and compliance.
 
-The ISO27001 certification is obtained after an audit conducted by an independent third party that acts as certification authority and verifies that the organization is applying all security measures and controls required by the norm.
+In addition to ISO 27001, we are also applying the specific guidelines of ISO 27017, which provide enhanced controls tailored for Cloud services, further strengthening our approach to information security.
 
-Our compliance with ISO 27001 demonstrates that Arduino is committed to ensure the best possible security posture for Arduino Cloud services, thus ensuring the best possible protection from cybersecurity risks for Arduino Cloud users.
+The ISO 27001 certification is granted after an audit conducted by an independent third party acting as a certification authority, which verifies that the organization is applying all security measures and controls required by the standard.
 
+Our compliance with ISO 27001 and ISO 27017 demonstrates Arduino's commitment to ensuring Arduino Cloud services' highest possible security posture, thereby providing optimal protection against cybersecurity risks for Arduino Cloud users.
 
-[Download our ISO27001 certificate here](./assets/ISOIEC-27001.pdf)
+[Download our ISO27001 certificate here](./assets/ISOIEC-27001-2022.pdf).