Swiss Approval Technische Bewertung S.A.


ISO 27001:2013 is an international standard for information security published on 25 September 2013.

It replaced ISO/IEC 27001:2005, and was published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), under the ISO/IEC joint subcommittee, ISO/IEC JTC 1/SC 27. It forms the specification framework for Information Security Management Systems (ISMS). Organizations that meet the requirements of the standard can submit an application for certification and, upon successful completion of a detailed audit process, receive a formal Certificate of Compliance Assurance from our Accredited Body for this standard.

The official title of the standard is “Information Technology – Security Techniques – Requirements of Information Security Management Systems”.

The 27001:2013 standard includes 10 concise sections, as well as a highly detailed annex:

  1. Field of application of the standard
  2. Document reference
  3. Re-use of terms and definitions of the ISO/IEC 27000 standard
  4. Information Security Leadership and high-level support for policy implementation
  5. Design of an information security management system; risk assessment; risk response
  6. Support of the information security management system
  7. Establishing a functional operational information security management system
  8. Reviewing the performance of the system
  9. Corrective actions

Swiss Approval International guarantees an accredited certification, giving organizations the right passport to the international market and ensuring, with accuracy and independence, compliance with the principles and rules defined by the ISO 27001:2013 standard.