A PKI (Public Key Infrastructure) is the complete system of technology, processes, and policies that enables the issuance, management, and revocation of digital certificates. At its core are Certificate Authorities (CAs), which issue certificates and guarantee their trustworthiness. PKI forms the foundation for TLS/HTTPS, email encryption (S/MIME), digital signatures, and mTLS. For your ISMS, document which internal and external CAs you use, how certificates are requested and renewed, and how the revocation process works. ISO 27001 Annex A.8.24 requires the use of cryptography, and a functioning PKI is the prerequisite for meeting that requirement.