A large multinational company adopts a new standard to enhance its information security management system. The company operates across different regions, so the chosen standard must be internationally recognized.

The company wants the standard to provide a comprehensive framework to ensure adequate and proportionate security controls.

Which of the following standards would be MOST suitable for the company's needs?

answer

ISO$/$IEC $27001$

NIST Special Publication $800-63$

ISO$/$IEC $27018$

PCI DSS