Skip to content

What is ISO 27001 in a nutshell?


ISO 27001 is an international standard for information security management. It provides an information security management system (ISMS) framework that organisations can use to protect their information assets.

The standard outlines the requirements for establishing, implementing, maintaining, and continually improving an ISMS. It also provides guidance on how to address risks associated with the use of information technology. Organisations that comply with ISO 27001 can demonstrate to customers, partners, and other stakeholders that their information assets are secure.