It is the leading international standard focused on information security, published by the International Organization for Standardization (ISO), in partnership with the International Electrotechnical Commission (IEC). Both are leading international organizations that develop international standards. ISO 27001 was developed to help organizations, of any size or any industry, to safeguard their information in an efficient and cost-effective way, through the implementation of an Information Security Management System (ISMS). A company can also get certified against ISO 27001 and, in this way, prove to its customers and partners that it safeguards their data. Because it is an international standard, ISO 27001 and is easily recognized all around the world, so it increases business opportunities for organizations and professionals.
Objectives
- Confidentiality: only the authorized persons have the right to access information.
- Integrity: only the authorized persons can change the information.
- Availability: the information must be accessible to authorized persons whenever it is needed.