Skip to main content

GLOSSARY

ISO 27001

International standard for information security management systems (ISMS).

ISO 27001 defines requirements for an ISMS, covering risk management, policies, and controls (Annex A). Certification demonstrates a systematic approach to protecting information.

Often paired with SOC 2 and privacy laws like GDPR or CCPA. Continuous risk assessments and internal audits are required to maintain certification.

All terms