ISO/IEC 27001:2013 is a widely-adopted global security standard that outlines the requirements for information security management systems and provides a systematic approach to managing company and customer information based on periodic risk assessments. The latest standard, ISO/IEC 27001:2013, was published on September 25, 2013 by the International Organization of Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee.