The ISO/IEC 27001 standard enables organizations to establish an information security management system and apply a risk management process that is adapted to their size and needs, and scale it kak?m necessary bey these factors evolve. Companies that adopt the holistic approach described in ISO/IEC 27001 ensure that information security is built