ISO 27001:2013 is an information security standard that was developed and published by the International Organization for Standardization and the International Electrotechnical Commission. It is specific to the information security management systems of an organization. Organizations that meet the standard gain this official certification once they successfully pass an independent and formal audit process.