ISO 27001

International standard for information security management systems (ISMS).

ISO 27001 defines requirements for an ISMS, covering risk management, policies, and controls (Annex A). Certification demonstrates a systematic approach to protecting information.

ISO 27001 is often paired with SOC 2 and privacy laws like GDPR or CCPA. Continuous risk assessments and internal audits are required to maintain certification.
