ISO 27001
ISO 27001 is an international information security standard for setting up and maintaining an information security management system (ISMS).
Its full name is ISO/IEC 27001:2005. The standard specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS. It also specifies requirements for managing the implementation of security controls.
ISO 27001:2005 is intended to be used with ISO 17799:2005, a security code of practice, which offers specific security controls to select from.
ISO 27001 Resource Centre
This Internet resource provides information on:
- What the standard is and how to implement it
- How to get certified to ISO 27001
- ISO 27001 Books and Publications
- Templates for downloading, to get you started