ISO 27001 is an international standard that defines the requirements for an information security management system (ISMS).
- the standard specifies requirements for information security management
- it requires how to handle information, data, information technology, how to have set processes, guidelines and processes
- sets and enforces such management principles to minimize the risks of loss, misuse or leakage of data and information