A set of normative requirements for the establishment, implementation, operation, monitoring, and review of an information security management system (ISMS) ● A set of requirements for selecting security controls tailored to the needs of each organization based on industry best practices ● An internationally recognized process, defined and structured to manage information security https://www.infosectrain.com/courses/iso27001li/