Information security, is simply, the practice of defending information from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction. ISO/IEC 27001 is an international standard designed and formulated to help create a robust information security management system (ISMS). It can be Certified by Certification Bodies and it is applicable to all industry sectors.