ISO 27001:2013 – Information Technology – Security Techniques – Information Security Management Systems
The ISO 27001:2013 Standard provides guidance and specifies requirements for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS) within your business.
This Information Security Management Standard is part of the ISO 27000 Family of Standards.
The ISO 27001 Standard is all about preserving and protecting the confidentiality, integrity and availability of information by applying a risk management process, and about giving interested parties confidence that risks are adequately managed.
The Information Security Management System Standard’s core aspects are protection, confidentiality and integrity of information.
ISO 27001 also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organisation.