Confidentiality- ensuring that access to information is appropriately authorized.

Integrity- safeguarding the accuracy and completeness of information and processing methods.

Availability- ensuring that authorized users have access to information when they need it.

Security policy.

Organizational security

Asset classification and control.

Personnel security.

Physical and environmental security.

Communications and operations management.

Access control.

System development and maintenance.

Business continuity management.

Compliance.

Asset classification and control.

Interoperability: This is a general benefit of standardization. The idea is that systems from diverse parties are more likely to fit together if they follow a common guideline.

Assurance: Management can be assured of the quality of a system, business unit, or other entity, if a recognized framework or approach is followed.

Due Diligence: Compliance with, or certification against, and international standard is often used by management to demonstrate due diligence.

Bench Marking: Organizations often use a standard as a measure of their status within their peer community. It can be used as a bench mark for current position and progress.

Awareness : Implementation of a standard such as ISO 27001 can often result in greater security awareness within an organization.

Alignment: Because implementation of ISO 27001 (and the other ISO 27000 standards) tends to involve both business management and technical staff, greater IT and Business alignment often results.