ISO 27001
ISO 27001 is an international standard that describes how to manage information security within an organization. This standard specifies requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an Information Security Management System (ISMS).
ISO 27001 is a standard created by the International Organization for Standardization with the aim of using it for certification.
To obtain such certification, an organization must implement an Information Security Management System (ISMS) that meets the 130 requirements listed in the official document containing the standard.
Once the ISMS has been properly implemented, an audit of it can be obtained from a certification body. If the audit is favourable, the certification body issues the certificate in the name of the organization.
ISO 27001 was created considering the Deming cycle, which is an improvement cycle based on the following four activities: Plan, Do, Check and Act.