ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system.
This standard enable organizations of all sectors and sizes to manage the security of assets such as financial information, intellectual property, employee data, and information entrusted by third parties