ISO/IEC 27001:2005 Information Technology—Security techniques—‎Information security management systems—Requirements is an ‎
information security management system (ISMS) standard published ‎in October 2005 by the International Organization for ‎Standardization (ISO) and International Electrotechnical Commission ‎‎(IEC). Implementing ISO 27001 can enable enterprises to benchmark ‎against competitors and to provide relevant information about IT ‎security to vendors and customers, and it can enable management to ‎demonstrate due diligence. ‎