ABSTRACT

The preceding material describes the International Standards Organization (ISO) security standards, their current state and future plans, and the relationship of the ISO standards to each other. ISO 27001 provides guidance for creating an information security management system (ISMS) and references the controls within ISO 27002 to establish and maintain an ISMS. This chapter defines and introduces the ISMS as a prerequisite to discussing the foundational concepts and tools necessary to build an ISMS effectively.