ISO / IEC 27001:2005

ISO / IEC 27001:2005

• can be used for certifying a company’s ISMS and making comaprisons to other companies’ ISMSs.
• Defines a company’s ISMS and how it’s structured, controlled, run, and maintained.