Information Security Management

ISO/IEC 27001 provides requirements for an information security management system (SIMS), though there are more than a dozen standards in the ISO/IECD 27000 family. Using them enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.

ISO/IEC 27000:2018

Information technology — Security techniques — Information security management systems — Overview and vocabulary

  • Relevant education / certification of Information Security Management (e.g. CISM, CISSP, CISA)

(ISO27001/2, ISF Standards of Good Practice, PCI DSS, FIPS, HIPAA