LST EN ISO / IEC 27001:2023

(ISO/IEC 27001:2022)

Information security, cybersecurity and privacy.

Information security management systems. Requirements

The requirements set out in this international standard are general and are applicable to all organizations, regardless of their type, size or nature. An information security management system protects the confidentiality, integrity and availability of information by applying a risk management process and assures interested parties that the risks associated with information security are adequately managed. The implementation of this system demonstrates the organization's responsible approach to the management of its customer data and ensuring its confidentiality and security. ISO 27001 requirements meet 80 percent of the requirements of the TIS2 Directive (protection of network and information systems) and the Law on Cybersecurity of the Republic of Lithuania, therefore the implementation and certification of this standard is a best practice to implement the requirements of the TIS2 Directive and the Law on Cybersecurity of the Republic of Lithuania.