ISO27001:2005 | Cloudcontrols.org – Cloud assurance compliance
Google

ISO27001:2005

The ISO/IEC 27001:2005 standard is the most used Information Security standard. Certification of implementation of the ISO/IEC 27001:2005 standard is available through ISO-partners.

The standard details the following subjects.

  • Information technology
  • Security techniques
  • Information security management systems
  • Requirements

ISO27001 describes the implementation and requirements of the Information Security Management System within organisations. It focuses on the management of information security, while the related standard, ISO27002:2007, provides a control framework for implementing security measures. Certification on ISO27001 usually means the ISO27002:2007 framework has been used as a code of practice for implementation. Certification in ISO27002:2007 is not possible.