Everything is about Zero trust security, you will need to implement it. There are a lot of articles written about zero-trust security the last few months. Some examples:
How to best explain zero trust?
It’s like the quote of Ronald Reagan but just with one additional word: Never trust, but verify
Zero trust ensures, identities are verified and devices are safe before you can access your corporate apps and data.
There is a lot of information available showing you the big picture and which steps you need to take. But in my opinion, some details could be just a little bit better. Of course, the Microsoft assessment tool will show you some steps to take.
This short blog (but with a big pdf in Github) will show you how to transform from nothing to a zero-trust modern organization. This flow also lists which of the ISO 27001 controls you can cross when you have implemented that section.
I hope these steps will help you with your work and making sure you are not forgetting anything.
Please contact me if I missed something. I will try to update the flow as much as possible.