The ISO/IEC 27001 is an information security management system (ISMS) standard published in October 2013 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2013 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.
This content is available in English only.
Mappings for the ISO 27001 to the RSA Archer Control Standard Library are available in the authoritative source content pack. This content includes questions associated with this authoritative source
This content requires a license and/or membership in good standing as required by the terms set forth by ISO. For more information about licensing, contact ANSI.
For Additional Support
To learn more about this content, please contact your Account Rep for additional details. To obtain this content or for technical support questions, please open a support case or contact RSA Archer at firstname.lastname@example.org for more information.