SO/IEC 27001 Certification Information Security Management SystemI
ISO 27001 certification is an international standard for information security management system established by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) and the most authoritative international certification standard in the field of information security. This covers 133 items in 11 areas related to information security, including information protection policy, physical security, and information access control.ISO/IEC ISO 27001 compliance consulting is composed of 10 items including organizational environment, leadership, planning, support, operation, performance evaluation, and improvement, and 14 control items (refer to ISO/IEC 27002 for control items). The requirements of this standard have been formulated to be general for applicable to any organization, regardless of its type, size or characteristics.
- Scope
- Normative reference
- Terms and definitions
- Context of the organization
- Leadership
- Planning
- Support
- Operation
- Performance evaluation
- Improvement-