Vulnerability Management for ISO 27001: How to Keep Up?

The author of the post mentions that their organization is in the process of implementing the ISO 27001 standard and finds vulnerability management more complex than expected. They wonder how often scans should be performed and whether every detail should be recorded or only major elements. The author is seeking to balance rigor and documentation without excess.