ISO/IEC 27001:2013 Information technology – Security techniques – Information security management systems – Requirements
ISO / IEC 27001 is an international standard that defines the requirements for an Information Security Management System. This standard provides the basis for effective management of confidential and sensitive information and for the application of controls for information security. Data security and safeguarding privacy is very important for all organizations that collect, retain and manage information of various types like writing information, verbal information or electronical information. The standard adopts a process approach to establish, implement, review, manage and improve the management system of information security and privacy. Compliance with the standard guarantees the protection of information and the increase of trust in the organization of the stakeholders and customers.
