What is ISO 27001?

ISO 27001 is an international standard that provides a framework for Information Security Management System (ISMS). It specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system to protect the confidentiality, integrity, and availability of an organization's information assets.

ISO 27001 includes a risk management approach to information security and requires organizations to identify and assess their information security risks and implement appropriate controls to manage those risks. It also provides a systematic approach to managing sensitive company information, including financial data, intellectual property, and employee and customer information.

How widely used is the ISO 27001 standard?

ISO 27001 is widely recognized and used by organizations of all sizes and types, including businesses, non-profit organizations, and government agencies, to ensure that they are adequately protecting their sensitive information and reducing the risk of data breaches or other security incidents. The certification process involves a third-party audit of an organization's compliance with the standard's requirements.

Related Topics
SOC 2
NIST
Vulnerability management
Attack surface management

Stay Connected

Subscribe to the latest JupiterOne news

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Recommended resources

Datasheet
CSPM Datasheet | JupiterOne + AWS
Report
The 2023 State of Cyber Assets Report
Datasheet
CAASM Datasheet | JupiterOne
Report
Forrester | Total Economic Impact of JupiterOne
eBook
The Cyber Defense Matrix
Video
CEO Erkang Zheng answers 5 critical cybersecurity questions for organizations