With its risk-based approach, the Information Security standard provides the targeted security level with the right human resources and information technology infrastructures for the basics of information and knowledge in these processes of organizations.