ISO 27001 (ISO27001) Standard

What is ISO 27001?

ISO 27001 is the international standard describing best practice for an Information Security Management System (ISMS). It sets out specific requirements against which an organisation's ISMS can be audited and certified. The standard:

  • Will underpin and protect IT worldwide over the next decade
  • Harmonises with ISO 9001:2008, ISO 14001:2004, ISO 20000 and others for effective management system integration
  • Implements the Plan-Do-Check-Act (PDCA) model, and
  • Reflects the principles of the 2002 OECD guidance on the security of information systems and networks.

If you are new to information security and ISO 27001, a good place to start is by reading our Green Paper, Information Security and ISO 27001 - An Introduction.


Benefits of ISO 27001 Compliance

ISO 27001 is recognised worldwide as an information security standard that provides best practice guidance for an organisation's ISMS. Achieving certification brings your organisation a number of advantages. Certification:

  • Keeps confidential information secure
  • Wins you new business
  • Gives you an edge over your competitors
  • Protects your most vital assets
  • Helps you manage and minimise risk
  • Allows for information to be exchanged securely

Achieving ISO 27001 Certification

Achieving ISO 27001 certification can be simplified. A number of toolkits provide all the pre-written documents you need, which can be tailored to your organisation. They are often cheaper than one day’s consultancy fee and enable you to be your own expert.


ISO 27001: IT Governance Products & Services

IT Governance Asia Pacific is Asia's one-stop-shop for ISO 27001. The website is denominated in US, Singapore, Hong Kong and New Zealand Dollars, and ships from a Hong Kong warehouse, meaning fast and cost-effective shipping for all Asia Pacific residents. We will help you identify and access a wide range of ISO 27001 related information, advice, books & tools.


ISO 27001 Training

Our ISO 27001 training courses are led by experts in the ISO 27001 field, and provide comprehensive information on specified areas. Although the courses are held in London and Manchester (UK), we offer help in finding appropriate hotels close to the training venue. Alternatively, we offer in-house training anywhere in the world.

Read more information about our training courses.
