ISO/IEC 27001:2013
ISO/IEC 27001:2013 is the Information Security Management System (ISMS) standard that is maintained by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The standard describes the specific requirements for protecting information assets and the use of security controls to manage information security risks. An ISO/IEC 27001:2013 registered information security management system supports the preservation of confidentiality, integrity and availability of information.