ISO/IEC 27001 is an international standard that provides a framework for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). It helps organizations manage the security of assets such as financial information, intellectual property, employee details, and information entrusted by third parties.