Gregory's Server@honze_net @jwildeboer This was already enforced by law though, and this decision seems to be about a case where adhering to the standard was required by law. So there's an explicit reference, hence the standard should be open.
ISO 27001 practices are not required by law, it's most often a requirement of – and regulated by – industry partners. So there's no explicit reference that will open the standard to the public.
@honze_net @jwildeboer Addendum: I just considered that I may be confusing EU law with Dutch laws, where this was already implemented like this here.
If that's the case then applying it EU wide certainly seems great!