What is ISO 27001

ISO/IEC 27001 is an international standard for Information Security management. It provides the basis for effective management of sensitive, confidential information and for the application of information security controls.

Organizations can utilize the ISO/IEC 27001 standard to demonstrate their conformance to best practice and excellence in Information Security management. An organization that conforms to the ISO/IEC 27001 standard possesses clear, objective proof of its commitment to continued improvement of control over its sensitive and confidential information.

ISO/IEC 27001 therefore provides reassurance to sponsors, shareholders and customers that the organization has expert control over its risk management and data security.