Which statement about ISO/IEC 27001 is true?
A.
It is only intended to report security breaches to the management authority
B.
It was reviewed by the intermational Electrotechnical Commission
C.
It was reviewed by the intermational Organization for Standardization
D.
It is intended to bring information security under management control
E.
It was published by ISO/IEC