(The ISO27001 specification was established by the UK Department of Trade and Industry in 1993, and BS7799-1:1995 "Implementation Rules for Information Security Management" was first published in the UK in 1995. It provides a comprehensive set of implementation rules consisting of the best practices for information security. It is intended to be the sole reference for determining the extent of control required by business information systems in most situations, and is applicable to large, medium and small organizations.
Comprehensive analysis of ISO27001 specification (new edition).pdf)