Definition: ISO/IEC 27000 (affiliated with Information Security Management Systems) is the latest iteration of the International Standards Organization's efforts to specify a comprehensive set of security practices. ISO 27000 is a series that contains a number of standards and controls. More information is available at the ISO's web site, www.iso.org. The topics associated with the evolving standards have a broader scope, with the objective of providing definitions for information security terms, support for specific industry sectors, more detailed guidance, and the use of gap analysis to help pinpoint weaknesses.
Its Relevance: The new International Standards Organization standard for information security is much broader and more relevant for business, industry and government use. More and more business organizations are adopting the ISO 27000 series of security controls. Using the ISO 27000 series as a basis for information assurance bolsters an organization's due diligence efforts.