@Steven-3786 , adding additional information here to add to our discussion during the QnA.
- The greyed out items typically are where the compliance cannot be automatically tracked e.g. people and process standards. Microsoft provides some additional information and guidance in docs e.g. https://learn.microsoft.com/en-us/azure/governance/policy/samples/iso-27001. The compliance organizations that provide the standards also provide guidance e.g. https://www.iso.org/isoiec-27001-information-security.html
- The FastTrack for Azure team do assist customers that meet program criteria with addressing compliance recommendations.
- The FastTrack for Azure team is an advice and guidance service. A combination of customer, FastTrack for Azure and Microsoft Support Services is typical in working through the recommendations.