Developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), ISO 27001 provides guidance to businesses aiming to maintain a high level of security control over their data and IT systems.
The process of gaining ISO 27001 centres around implementing an Information Security Management System (ISMS).
Put simply, an ISMS comprises the policies, procedures and controls needed within an organisation to manage information security risk.
As the world's most widely recognised information security standard, ISO 27001 provides trust and assurance to organisations of every size, and across every industry and jurisdiction.
This is a guide to becoming ISO 27001 certified.