Skip to content Skip to navigation Skip to footer

Information Security

International Organization for Standardization (ISO 27001)

Overview, Goals, and Scope


ISO 27001 provides an international methodology for implementing, managing, and maintaining information security within a company. This information security management system (ISMS) framework minimizes risk and ensures business continuity by proactively limiting the impact of a security breach. ISO 27001 is a globally recognized information security standard, with more than 40,000 organizations certified.


ISO 27001 compliance ensures that organizations protect their consumer and personal data. It is becoming increasingly important as regulatory requirements (such as the GDPR, HIPAA, and CCPA) are ubiquitous. In addition, ongoing risk assessments help identify security threats and vulnerabilities that need to be managed through a set of controls. ISO 27001 consists of 114 controls that provide a framework for identifying, treating, and managing information security risks.


  • FortiGuard portfolio of security services
  • FortiCloud portfolio of services

Key Principles

Protect your data, wherever it lives

Protects all forms of information, whether digital, paper-based, on-premises, or in the cloud.

Defend against cyber-attacks

Significantly reduce your organization’s cybersecurity and data breach risks.

Respond to evolving security threats

Compliant organizations are more agile and able to respond to evolving information about security risks.

Drive an information-security culture

Employees are more aware of information security risks, and security measures are wide-reaching across all facets of the organization.

Meet contractual obligations

Assures Fortinet’s and your organization’s commitment to information-security practice and compliance with information security measures across your supply chain.