ISO 27001

The international standard for information security management systems (ISMS). ISO 27001 certification tells customers and partners that an organization has a systematic approach to managing information security risks -- policies, controls, risk assessments, and continuous improvement. Certification requires a third-party audit and annual surveillance audits. Often a prerequisite for enterprise sales, especially in regulated industries.