ISO 27001 is an International Standard for managing information security and systematically protects  your information assets and improves your standing.

​

The Key Aspects are:
 

• ISMS - a systematic approach to managing sensitive company information so that it remains secure

• Risk Management - identifying potential security risks and evaluating them

• Annexe A Controls - These cover various aspects of information security, software development security and incident management among other areas.

• Operation ( usually the focus of the controls since it analyses the day to day operation )

• Performance Evaluation ( how do you manage and review performance )

• Continuous Improvement ( all ISO standards expect organisations to aim for continual improvement )