ISO 27001 is an Information Security Management System (ISMS).
Information assets shall be utilized securely. ISO 27001 aims to identify, prevent, mitigate, and eliminate IT security risks. The standard is applicable to all organisations, irrespective of size or sector.