ISO 27001
ISO 27001 is the international information security management standard. It is more documentation-heavy than SOC 2. Required for: European enterprise sales, government contracts, and financial services in some jurisdictions.
More detail
Most US-based B2B SaaS companies prioritise SOC 2; UK and EU customers often require ISO 27001. Cost: similar to SOC 2 ($15-30K all-in annually). Tools: Vanta, Drata, ISMS.online. The two certifications overlap by ~70%; getting both costs maybe 1.4x as much as getting one.
