http://en.wikipedia.org/wiki/ISO/IEC_27000-series
Explain the intent of ISO27001 and 27002 standard and how it might be applied or used in a mid-sized organization. Summarize the essential points of that standard and what security managers can do to implement the standard in their organization.
Description of the standard — i.e., what does it cover?
The intent of standard – i.e., how does it address what it intends to cover?
How would this standard be applied in a mid-sized organization?
Have a separate page for each standard