Sumit Kalra, Partner, Technology Assurance and Compliance, bpmcpa. For most cloud companies, ISO 27001 is a good starting point for methodically communicating their security posture to the enterprise clients. Cloud providers can use the ISO 27001 implementation with incremental enhancements and demonstrate compliance with multiple well accepted compliance frameworks, i.e. ISO 27018, HIPAA, FedRAMP, SOC, etc. The objective of the presentation is to share effective and efficient strategies to help achieve multiple compliance needs of an organization with incremental efforts and a unified approach.