ISO 27001 is the International Standard for Information Security.

It is a management system It sets out how you manage your information security.

It includes in there things like policies risk management continual improvement leadership buy-in how you've structured how you report how you monitor how you measure.

It is at its heart a management system.

And that management system is a risk-based system

So in a risk-based system we manage our risks based on our business need and the level that the risk poses to us.

#ISO27001 #InformationSecurity #Cybersecurity

свернуть