It is widely known,
information security management system (ISMS),
though there are more than a dozen standards
in the ISO/IEC 27000 family.
Using them enables organizations of any kind
to manage the security of assets
such as financial information,
employee details or information entrusted
by third parties.
The version used in this section is
ISO/IEC 27001:2013 - Annex A.
9.1.2 - Access to Networks and Network Services
12.4.1 - Event Logging
14.1.3 - Protecting Application Services Transactions
18.1.3 - Protection of Records
18.1.4 - Privacy and Protection of Personally Identifiable Information