Information security policies
About us

Search this site

Security awareness content

This website belongs to IsecT Ltd.,
an independent information risk and security
consultancy based in New Zealand.

Visit IsecT's website

For more about IsecT, please visit


It is our pleasure to provide the information on this site, including the ISO27k Toolkit and ISO27k Forum, free of charge.


We are evangelical about information risk and security and wish to spread the good word about the ISO27k standards.

The primary purpose of this website is to describe, promote and share the information risk and security management practices described in the ISO/IEC 27000-series information security management systems standards.

We have used and contributed to the ISO27k standards for decades, dating back to the UK DTI Code of Practice for Information Security in the mid-1990’s that morphed into BS 7799.


We aim to keep the website and ISO27k Forum impartial. What keeps us going is the genuine interest and support from the wider community of ISO27k users, particularly the generous inputs by experienced professionals to the ISO27k Forum and the ISO27k Toolkit. Your selfless involvement means a great deal to us. Thanks all.




The domain, website and much of the information on it was created and is owned by IsecT Ltd. However, we are grateful for permission to publish content generously donated by others, for example many of the questions and answers now in the ISO27k FAQ were originally posted and discussed on the ISO27k Forum, and the ISO27k Toolkit contains example/template documents provided by various contributors. Last but not least, there are numerous quotations from the ISO/IEC and other standards and sources, reproduced under the ‘fair use’ provisions of copyright law. Please consult the cited sources for further information.

Copyright © 2022 IsecT Ltd.