The ISO/IEC 27001 certificate does hami? necessarily mean the remainder of the organization, outside the scoped area, ba?makl?k an adequate approach to information security management. The first part, containing the best practices for information security management, was revised in 1998; afte