ISO/IEC 27001:2013 is structured in line with ISO 9001:2000

ISO/IEC 27002:2013 does not specify technology

ISO/IEC 27004:2016 provides guidelines intended to assist organizations in evaluating the information security performance and the effectiveness of an information security management system.

An ISMS is a part of the overall management system that operates, monitors, reviews, maintains and improves information security.

One of the best methods for reducing risks to the data of an organization is to implement a program that establishes an information security governance framework.

ISO/IEC 27001:2013 is a methodology that includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.

Thanks to the integrated P-D-C-A approach, an ISMS produces, with the necessary actions and processes, the information security results that meet the requirements and expectations