ISO 27001, COBIT and SOX
Answer:
ISO 27001 is used when a company wants to implement an Information Security Management System (ISMS) to protect the information of its business, or when a company needs an international certificate to demonstrate to the world that it is compliant with an international standard related to the protection of information. This article can help you learn more basic information about ISO 27001: “What is ISO 27001?” : https://advisera.com/27001academy/what-is-iso-27001/
And this article shows you the benefits of implementing ISO 27001: “Four key benefits of ISO 27001 implementation” : https://advisera.com/27001academy/knowledgebase/four-key-benefits-of-iso-27001-implementation/
So, generally, compliance with ISO 27001 is optional, unless you have an agreement with another party that establishes that you need to implement the standard.
Regarding SOX, it is also related to information security, although it is related to public company accounting and investor protection, and it is applicable to all companies that are traded on the NYSE (New York Stock Exchange).
Regarding COBIT, it is similar to ISO 27001, because it is an international standard, although you cannot certify it, and it is related to the governance of IT (which includes information security, but not only this).
Our online course can be interesting for you if you need more information about the implementation and compliance of ISO 27001 “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/
Apr 07, 2016