ISO 27001 provides the structure and requirements for an ISMS, while ISO 27002 gives detailed guidance on implementing the security controls needed to meet those requirements. Together, they form a complete framework for managing information security effectively.