Blog

ISO 27001 Information Security Management System Standards

The ISO/IEC 27001:2005 is the newest management structure standard to help ensure information security. This leading-edge tool helps enable organization to organize information security processes and document successive actions in a format that allows companies to implement security controls that can be personalized to their specific business needs.

The ISO/IEC 27001:2005 Standard forms a corresponding pair with the ISO/IEC 17 799:2005 - Code of practice for information security management, and replaces the British ordinary BS 7799-2 used previously by organizations to register their ISMS. The standard is intended to provide the foundation for third party audit, and is "harmonized" with other ISO standards such as the ISO 9001 and ISO 14001.