Which ISO standard specifically addresses information security management systems (ISMS)?

ISO 27001 specifically addresses information security management systems (ISMS). ISO 27001 is an international standard that specifies the requirements for establishing, implementing, maintaining, and continually improving an ISMS. An ISMS is a framework of policies and procedures that includes all legal, physical, and technical controls involved in an organization's information risk management processes. The standard provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an ISMS. It uses a risk-based approach to identify, assess, and treat information security risks. Achieving ISO 27001 certification demonstrates that an organization has implemented a comprehensive ISMS and is committed to protecting its information assets. This certification is widely recognized and respected, providing assurance to customers and stakeholders that the organization has strong information security controls in place.