As a cybersecurity analyst at a financial services firm, you have been tasked with aligning the company's vulnerability management program with the requirements of a recognized framework to meet international information security standards. Which of the following documents would guide you to establish a systematic approach for managing sensitive company information to ensure it remains secure?
ISO/IEC 27002
ISO/IEC 27001
ISO 31000
Health Insurance Portability and Accountability Act (HIPAA)