ISO/IEC 27001:2005

ISO/IEC 27001

The ISO/IEC 27001 is an international standard for the evaluation and certification of the management of information security processes within companies. In addition to information technology, ISO/IEC 27001 particularly considers the relevant business processes. It not only describes the demands made on the organisation and the technical systems, but also the suitable activities for permanently sustaining the security level determined on the basis of the risk assessment.Information is to be considered as a company asset that needs protection against a variety of threats.
Information Security means: