Information technology -- Security techniques -- Code of practice for information security controls

This International Standard establishes guidelines and general principles for initiating, implementing and maintaining information security management in an organization.