The document provides an overview of ISO/IEC 27001:2005, which specifies a management system for information security. It discusses the 11 domains the standard covers, including security policy, asset management, access control, and compliance. The standard contains 133 controls across the domains to help organizations manage risk and protect information assets. Some of the key changes in the 2013 version include expanded coverage of risk management and separate requirements for management and leadership roles in information security.