ISO27001 information security management and practical rules of ISO/IEC27001 formerly known as British includes standard, the standard by the British standards institution (BSI) in February 1995, and in May, 1995 revision. In 1999, BSI to modify the standard. Includes is divided into two parts: includes 1, information security management implementation rules includes 2, information security management system specification. The first part of the information security management recommendations for start is responsible for the organization, implementation and maintenance of security personnel to use; The second part illustrates the establishment, implementation and information documented safety management system (ISMS), stipulated according to the needs of independent organization should be the implementation of safety control.