ISO 27001:2005 is the international standard for Information Security Management Systems (ISMS).
ISO 27001:2005 provides the framework for a technology neutral, vendor-neutral management system that enables an organization to assure itself that its information security measures are effective. This includes the continued accessibility, confidentiality and integrity of its own information and that of its stakeholders as well as legal compliance.
ISO 27001:2005 is applicable to any organization where the misuse, corruption, or loss of its business or customer information could result in major commercial prejudice.
NQA has registered organizations to ISO 27001:2005 in sectors as diverse as storage and warehousing, secure destruction, telecommunications, advertising, financial outsourcing and software development.