ISO/IEC 27001 Information Security


Protecting information - your most valuable asset


Overview 

Information is critical to the operation and perhaps even the survival of your organization. Being certified to ISO/IEC 27001 will help you to manage and protect your valuable information assets.

ISO/IEC 27001 is the only auditable international standard which defines the requirements for an Information Security Management System (ISMS). The standard is designed to ensure the selection of adequate and proportionate security controls.

This helps you to protect your information assets and give confidence to any interested parties, especially your customers. The standard adopts a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving your ISMS.

Who is it relevant to?

ISO/IEC 27001 is suitable for any organization, large or small, in any sector or part of the world. The standard is particularly suitable where the protection of information is critical, such as in the finance, health, public and IT sectors.

ISO/IEC 27001 is also highly effective for organizations which manage information on behalf of others, such as IT outsourcing companies: it can be used to assure customers that their information is being protected.


Next steps

Select your country site for further information on the services and products offered in your region. Alternatively, view our global office directory to contact your local office direct.


ISO/IEC 17799 Renamed ISO/IEC 27002

It's only a number change, but ISO/IEC 17799:2005 - the Code of Practice for Information Security - has been renamed ISO/IEC 27002:2005 to bring it in line with the ISO/IEC 27000 series of standards.

