ISO 27001 is an information security management system that safeguards your information assets by making the process easier to manage, measure and improve. This system is able to ensure the confidentiality, integrity and availability of your information.
The ISO 27001 standard is based on the Plan-Do-Check-Act methodology that should be continuously implemented in order to minimize risks to the confidentiality, integrity and availability of information.
Plan: Plan the basic organisation of information security, set objectives and choose the appropriate security controls.
Do: Implement the planned processes.
Check: Monitor the functioning of the ISO 27001 system and measure whether the results meet the objectives.
Act: Take action to continually improve effectiveness by addressing the things that were identified as non-compliant in the previous phase.