信息安全技术单选题中等
Which of the following statements is true about ISO/IEC 27001? (选择题)
AISO/IEC 27001 is a mandatory standard for all organizations.
BISO/IEC 27001 is a best practice framework for information security management.
CISO/IEC 27001 is specifically designed for IT security.
DISO/IEC 27001 focuses solely on technical controls.