ISO+IEC+27001+2005+Information+Security+Management+Systems+–+Requirements

//**ISO/IEC 27001:2005 Information Security Management Systems - Requirements**// specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof.T his International Standard covers all types of organizations (e.g. commercial enterprises, government agencies, non-profit organizations).

The ISMS is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.

ISO/IEC 27001 is a companion standard to ISO/IEC 27002:2005 - Code of Practice for Information Security Management. =External Links:=

 [|American National Standards Institute Web Store - Link to Purchase ISO/IEC 27002] [|American National Standards Institute Web Store - Link to Purchase ISO/IEC 27001]

= =