Skip to content

Glossary definition: ISO/IEC /IEC 27000

ISO/IEC 27000: Standards for Information Security Management

ISO/IEC 27000 is a family of international standards developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) that provide best practice guidelines for information security management. It is designed to help organizations ensure the confidentiality, integrity, and availability of their information assets. The standards cover a wide range of topics, including risk management, access control, physical and environmental security, asset classification, personnel security, and incident management. They provide guidance on how to design, implement, and maintain an effective information security management system (ISMS). The standards also provide a framework for organizations to assess their security posture and identify potential areas for improvement. The ISO/IEC 27000 family of standards is widely recognized and adopted by organizations around the world.