Why your ISO 27001:2022 gap analysis is broken before it starts | Vulnox Blog