ISO 27001 is the international standard for information security management systems (ISMS), maintained by ISO and IEC. Like SOC 2, it’s a third-party-audited framework that demonstrates a vendor has formal information security controls. ISO 27001 is more common in European, Asian, and global markets; SOC 2 dominates in the US.
For customer portals serving global enterprise customers, both certifications are often expected. The underlying controls overlap significantly — many vendors that pursue one ultimately pursue both.
See Secure Client Portal.