This website belongs to IsecT Ltd.,
an independent information risk and security
management consultancy based in New Zealand.

For more about IsecT, please visit IsecT.com and SecAware.com

We are evangelical about information risk and security, spreading the good word about the ISO27k standards.

The primary purpose of this website is to describe, promote and share the information risk and security management practices described in the ISO/IEC 27000-series information security management systems standards.

We have used and contributed to the ISO27k standards for decades, dating back to the UK DTI Code of Practice for Information Security in the mid-1990’s that morphed into BS 7799 and then ISO/IEC 17799. This website was established in 2005 when ISO/IEC 17799 became ISO/IEC 27001, launching the ISO27k series.

We aim to keep the website free, impartial and most of all valuable. Genuine interest and engagement from ISO27k fans around the world is what keeps us going. Your selfless involvement and support means a great deal to us. Thanks all!

The domain, website and much of the information on it was created and is owned by IsecT Ltd. However, we are grateful for permission to publish content generously donated by others, for example many of the questions and answers now in the ISO27k FAQ were originally posted and debated on the ISO27k Forum, and the ISO27k Toolkit contains material donated by various generous contributors. Last but not least, there are numerous snippets from the ISO27k standards and other sources, reproduced here under the ‘fair use’ provisions of copyright law. Please consult the cited sources for further, definitive information and contact us for information about Intellectual Property Rights such as permission to use the content for commercial purposes, AI LLM training etc.