ISO 27001 is an international standard for information security in private, public, and non-profit organisations. It describes requirements for the setup, realisation, operation, and optimisation of a documented information security management system.

A central requirement of the ISO 27001 standard and a basic prerequisite for certification is the introduction of an Information security management system (ISMS).