ISO 27001:2013

Evolution of ISO 27001 as an Information Security Standard
ISO 27001 has become the most popular voluntarily adopted information security standard worldwide against which companies/institutions can get certified, which means that an independent certification body can confirm that the company/institution/organization has implemented information security compliant with ISO/IEC 27001.

There is an interesting history to the development of this standard. A detailed history can be seen at the following link :

Another great source is available at :
The first ever security standard was published by Department of Trade and Industry (DTI), UK as “Code of Practice for Information Security Management”. The project was taken over by British Standards Institute (BSI) in 1995 and it was revised and published as BS7799.

BSI also released a second part to BS 7799 which formed the implementation part of an ISMS.

Later ISO considering that this should be made as an international standard, revised and released ISO 17799 (or more formally, ISO/IEC 17799) based on BS 7799. The ISO/IEC 17799 was again revised in November 2005 and was published as ISO 27001:2005.

ISO 27001:2005 became the most popular standard for demonstrating information security management system.

Further Reading :

Design and Conduct Effective Information Security Awareness Programs

ISO 27001:2013 Implementation Process

ISO 27001:2013 Internal Audits

ISO 27001:2013 External Audit

ISO 27001:2013 Certification Process