ISO 27001 is the new international standard for an Information Security Management System (ISMS). Replacing BS7799-2, ISO/IEC 27001:2005 (to give it its correct name) is the requirements specification that will enable businesses and organizations throughout the world to develop a best-in-class ISMS.
ISO 27001 is the first in a family of international information security standards that will underpin and protect IT worldwide over the next decade. ISO 27001 is designed to harmonise with ISO 9001:2000 and ISO 14001:2004 so that management systems can be effectively integrated.
It implements the Plan-Do-Check-Act (PDCA) model and reflects the principles of the 2002 OECD guidance on the security of information systems and networks. By achieving ISO 27001 (BS 7799) certification, you will be able to demonstrate to your customers and shareholders that you have developed and implemented a framework for the management of your IT systems and data in a secure way.