ISO 27001 is the international standard which is recognized globally for managing risks to the security of information you hold. Certification to ISO 27001 allows you to prove to your clients and other stakeholders that you are managing the security of your information. ISO 27001:2013 (the current version of ISO 27001) provides a set of standardized requirements for an Information Security Management System (ISMS). The standard adopts a process based approach for establishing, implementing, operating, monitoring, maintaining, and improving your ISMS.
ISO/IEC 27001, part of the growing ISO/IEC 27000 family of standards, is an Information Security Management System (ISMS) standard published in October 2013 by the International Organization for Standardization (ISO) and the International Electro technical Commission (IEC). Its full name is ISO/IEC 27001:2013 – Information technology — Security techniques — Information security management systems — Requirements but it is commonly known as “ISO 27001”. ISO/IEC 27001 formally specifies a management system that is intended to bring information security under explicit management control.