The standard is also applicable to organisations that manage high volumes of data or information on behalf of other organisations such birli veri centres and IT outsourcing companies.Organizations dealing with high volumes of sensitive data may also face internal risks, such birli employee negligence or unauthorized access. These hazards must be id