Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to Confluence as ISMS for ISO 27001

Simon Sahli
Simon Sahli
Contributor
August 7, 2024

Hi Atlassian community,

we are currently in audits for getting certified for ISO 27001 with Confluence as our ISMS.
We therefore need to make Confluence ISO ready based on the feedback we have gotten from the auditor. The main feedback was that every newly published version should have a comment, which is currently not possible due to ([CONFCLOUD-6373] Option for making page-publish/edit comments mandatory - Create and track feature requests for Atlassian products.)

We are looking into the following app that seems promising: Workflows for Confluence - Document Management & Approvals | Atlassian Marketplace

I however still wanted to ask some questions the community that are or were in the same situation to use Confluence as their ISMS for ISO 27001.

What kind of changes have you done in Confluence to get ISO 27001 ready (structure, content and technical)?
Which kind of Confluence built-in functionality do you use?
What kind of Marketplace apps have you added for this use-case?

I also need to mention that we are having Confluence Standard, which could potentially limit on what we can do, but even if you are using Premium functionality then this is good to know.

Thanks in advance for any kind of response!

Cheers
Simon

Answer
Watch
Like Be the first to like this
738 views

2 answers

2 votes
Aron Gombas _Midori_
Aron Gombas _Midori_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
August 8, 2024

As fo recommended apps, to implement a continuous process that runs in the background, and categorize your pages to custom statuses using flexible conditions, the Better Content Archiving is super-useful.

It focuses on workflows, not on manual ones, but automated ones. It offers reports, notifications and automations for the different statuses.

Learn more about its feature set, it may be an option to consider!

 

 

Reply
1 vote
Adrian Hülsmann - B1NARY
Adrian Hülsmann - B1NARY
Atlassian Partner
January 23, 2025

Hello @Simon Sahli

Confluence is a good choice for an ISMS as part of ISO 27001 certification. However, you will probably need a plugin to extend the feature set and address the ISO requirements.

Point 7.5.2 of ISO 27001 describes two main aspects: "When creating and updating documented information, the organization shall ensure appropriate review and approval for suitability and adequacy."

Our app, Breeze, covers both of these aspects (plus more, such as data exports and audit logs), and many of our customers use it for ISO 27001 certification.

You can install it from the Atlassian Marketplace and try it for free, or schedule a demo with me to see how it works and how it addresses the particular requirements of ISO 27001.

All the best,
Adrian from B1NARY (we are the developers of Breeze)

,

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events