What is one of the main purposes of ISO/IEC 27001?

Prepare for the PECB Certified ISO/IEC 27001 Lead Auditor Exam with our comprehensive quiz. Test your knowledge with multiple-choice questions and detailed explanations. Get exam-ready!

One of the main purposes of ISO/IEC 27001 is to establish requirements for an information security management system (ISMS). This standard provides a systematic approach to managing sensitive company information, ensuring its confidentiality, integrity, and availability. By following the guidelines set out in ISO/IEC 27001, organizations can identify and manage potential risks to their information, implement appropriate security controls, and continuously improve their information security practices.

The standard also encourages organizations to adopt a risk-based approach, where they can assess their information security risks and take necessary actions to mitigate them effectively. Compliance with ISO/IEC 27001 not only helps organizations protect their information assets but also reassures stakeholders and clients that proper security measures are in place. This is crucial in today's digital landscape, where data breaches and cyber threats are prevalent.

The other options do not align with the primary focus of ISO/IEC 27001. The standard specifically addresses aspects of information security rather than environmental sustainability, accounting standards, or marketing strategies. These topics fall outside its intended scope, thus reinforcing that option B accurately reflects the core purpose of the standard.
