What is ISO 27000?
The standards that make up the ISO/IEC-27000 series are a set of standards created and managed by the International Organization for Standardization (ISO) and the International Electronic Commission (IEC). Both international organizations are involved in many countries, ensuring their wide dissemination, implementation and recognition around the world.
The 27000 series are aimed at establishing good practices in relation to the implementation, maintenance and management of the Information Security Management System (SGSI) or by its name in Information Security Management System (ISMS). These guidelines aim to establish best practices in relation to different aspects related to information security management, with a strong focus on continuous improvement and risk mitigation.
ISO 27000: provides the basics and common language for the rest of the standards in the series.