ISO 27001 instead of COBIT and COSO
Answer:
ISO 27001 is the leading standard for information security, and most of the laws and regulations about information security around the world are based on this standard.
COBIT is focused on IT governance, which also includes information security, but ISO 27001 is more specific.
Regarding COSO, this standard is also for different things: internal control, event identification, risk assessment, etc. So, again, this standard is not specifically developed for information security.
So, if you want to establish an Information Security Management System to protect your information, the best option, from my point of view, is ISO 27001.
This article can be interesting for you: “Four key benefits of ISO 27001 implementation” : https://advisera.com/27001academy/knowledgebase/four-key-benefits-of-iso-27001-implementation/
And also this free webinar “ISO 27001 benefits: How to obtain management support” : https://advisera.com/27001academy/webinar/iso-27001-benefits-how-to-get-management-buy-in-free-webinar-on-demand/
Finally, these materials will help you to know more about the benefits of ISO 27001:
- free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
- book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
Sep 16, 2016