Information Security Management Systems Certification Scheme

The scheme is based on the ISO 27000 family of standards which help organisations keep information assets secure. The family of standards include:

  • ISO/IEC 27000:2016 Information technology - Security techniques - Information security management systems - Overview and vocabulary 
  • ISO/IEC 27001:2013 Information technology - Security techniques - Information security management systems – Requirements
  • ISO/IEC 27002:2013 Information technology - Security techniques - Code of practice for information security controls
  • ISO/IEC 27003:2010 Information technology - Security techniques - Information security management system implementation guidance
  • ISO/IEC 27004:2016 Information technology - Security techniques - Information security management -- Measurement

ISO/IEC 27001 is the best-known standard in the family, providing requirements for an information security management system, thus helping organisations ensure that their information is securely managed.

Applicant CABs will need to comply with ISO/IEC 27006:2015 - Information technology - Security techniques - Requirements for bodies providing audit and certification of information security management systems.

As a management systems scheme, applicants also need to comply with ISO/IEC 17021-1:2015 – Conformity Assessment – Requirements for bodies providing audit and certification of management systems - Part 1: Requirements.

Benefits

  • Helps organisations manage the security of assets such as financial information, intellectual property, employee details or information entrusted to them by third parties.
  • Achieves continual improvement in securely managing information.

Scheme owner

International Organization for Standardization (ISO).

More information

An application pack, application form and other relevant material is not available on this site. These documents are available through our SharePoint portal. If you are a body that we currently accredit, you can access this information through the Share CAB Portal. If you are a new applicant, please complete an application enquiry form. Once this form is submitted, the Secretariat will provide you with a temporary username and password for the portal.  For other stakeholders please submit your inquiry through the online feedback form.