What is the ISO 27001 security standard?

The ISO/IEC 27001 standard specifies requirements for information security management systems (ISMS). Published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), the ISO 27001 security standard is a set of best practices that help organizations manage their information security by addressing people, processes, and technology. The standard applies to organizations of any size or type and is technology and vendor neutral.

The ISO/IEC 27001 standard takes a risk-based approach to information security, requiring organizations to identify the information security risks relevant to their organization and the sector in which they operate, and to select the appropriate controls to address those risks.

ISO 27001 contains 114 controls divided into 14 categories. There is no requirement to implement the full list of ISO 27001's controls; rather, they are options for an organization to consider based on its particular needs. The 14 categories are:

Information security policies

Organization of information security and the assignment of responsibility

Human resource security

Information asset management

Employee access control

Encryption and the management of sensitive information

Physical and environmental security

Operations security

Communications security

System acquisition, development, and maintenance

Supplier relationships

Information security incident management

Information security aspects of business continuity management

ISO 27001 is a leading standard that can support an organization in demonstrating its security practices to prospective customers. The full standard provides a wide range of controls an organization can use to ensure its approach to information security is comprehensive.
