What Should an ISO 27001 Information Security Policy Include?
ISO 27001 is the information security management standard used the world over by assorted businesses, companies, and organisations. First published in 2005, this popular standard was developed jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) – its full title being ISO/IEC 27001. The standards main purpose is to help organisations keep their information assets secure and a key part of its framework is the creation of an information security policy for the business that implements ISO 27001.