To select the project manager for ISO 27001, you should choose someone from inside the company who knows the details and cultural issues of the organization. The project manager should have enough authority, either by position or by respect from their peers, to handle any opposition during the project. They should have at least average knowledge of IT, but the project should not be treated solely as an IT project. A balanced knowledge of IT and the company's business processes is important, along with good interpersonal skills to work well with the project sponsor. It is not recommended to hire an external consultant as the project manager.