In September 2013 the revised version of the popular information security management system standard ISO/IEC 27001 was published.
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization.
The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature. The standard explicitly refers to information security, that is, the security of all forms of information (computer data, documentation, intellectual property, etc.) and not just IT/systems security or so-called cybersecurity.
