@honze_net
Had a similar question about ISO/IEC standards in this regard, especially as they aren't developed under the governance of the EU. As far as I know ISO27001 isn't referred to in law and so no requirements to make public. Would be interesting if somebody makes a similar case for standards referred to in procurement. I recall in Netherlands we already had some standards public because they were referred in the law.
@jwildeboer