Information is a critical asset for organizations in today's digital age. Protecting confidential information is of utmost importance to avoid reputational damage, legal implications, and financial loss. The ISO 27001 standard provides a framework for organizations to implement an Information Security Management System (ISMS) to protect their information assets. In