PAM (Privileged Access Management) is a security solution that centrally manages and monitors privileged accounts (admin accounts, service accounts, root access). PAM systems store passwords in an encrypted vault, rotate them automatically, and record administrative sessions. Access to privileged accounts follows a controlled check-out process with approval and time limits. PAM directly addresses the requirements of ISO 27001 Annex A.8.2 and A.8.18. Privileged accounts are the primary target in advanced attacks, making their protection one of the most effective controls in your ISMS.