arrow Icon


SI ISO 27001 - Information Security Management Systems

The development of the World of Information and Communications Technology (ICT) provides many organizations in Israel and worldwide with the challenge of protecting data, as a primary asset of the organization.
Standard ISO 27001 for Information security management systems defines simple systematic and functional principles, for creating management and maintenance of an information security system that is suitable for the organization. Certification for an Information security management system by the Standards Institution of Israel (per requirements of SI ISO 27001), demonstrates that the organization takes the necessary steps to realize its commitment to protect its information and to manage it effectively. Certification is suitable for all organizations. The ISO 27000 series contains additional standards such as SI ISO 27799 in the healthcare information system, ISO 27013 for combining Information security and quality management of Information technologies (SI 20000), ISO 27011 for the telecom industry, ISO 27032 for cyber-security, etc..

Creating an Information security management system will enable:
  • Identifying and managing risks to the information.
  • Defining handling and preventive processes in a persistent and systematic fashion.
  • Choosing the controls necessary for the organization, and as a result of this reduce needless expenses.
  • Defining Information security management goals and proactively plan to achieve them.
  • Comply with relevant legal requirements and regulations.
  • Reduce costs related to losing data, inability to retrieve it and its unavailability, develop disaster recovery capabilities, and business continuity.
  • Effectively preventing fraud.
  • Drive ongoing processes for improvement (even beyond basic compliance to the requirements).
  • Transition to effective and efficient work processes.
  • Controlled Project Management.
  • Granting confidence to customers and stakeholders that the organization places high priority on Information security.

Auditors from the Standards Institution of Israel will assist in verifying that the organization’s Information security management system meets the standard’s requirements, and where improvements are necessary.
It is recommended, as part of the certification process, to also incorporate Quality Management (according to requirements for SI ISO 9001), and other management standards (Business Continuity as per ISO 22301), in order to create a holistic and effective management in the organization.

The path to certification

Certification is done after implementation of an intra-organizational process, in which the organization’s Information security management system, per the standard requirements, is successfully implemented. In order to start the process, it is recommended to purchase the standard at the Standards Institution information center, to learn the requirements and to participate in appropriate training. Additionally, consultants that specialize in Information security can be used. XT Standards Institution of Israel can conduct a preliminary audit to identify GAPS.
The process should be seen as an opportunity for improvement by a team from the organization that will receive support and involvement of management. At the end of the process, auditors of the Standards Institution of Israel, that are independent, will perform the certifying audit that confirms that the organization’s Information security management system is appropriate.

Required Steps


The Client The Standards Institution of Israel
Registration with the Standards Institution of Israel Sending a bid that includes: Checking procedures and Stage 1 Audit (preliminary), Stage 2 Audit (Certification)
Approval of /paying the bid Assignment of a Client Manager
Delivery of the Information security procedures Checking documents, coordinating and performing Stage 1 and Stage 2 Audits
Dealing with findings of the audits and fixing discrepancies Evaluating the correction and activities and approving it (by Client Manager), professional and administrative approval, sending oversight agreement (for follow-up audits)
Signing surveillance agreement (for follow-up audits) Sending certificates and agreement signed by the Standards Institution of Israel
Activities to continually improve the system Performance of follow-up audits to verify organization’s compliance to requirements

The Standards Institution of Israel – the right choice for you
  • The Standards Institution of Israel has a long standing reputation in quality and professionalism.
  • Our people are among the leading professional experts in the field of quality, having experience and are familiar with client needs.
  • The Standards Institution of Israel is the largest certification body in Israel.
  • The Standards Institution of Israel provides a range of services under one roof: Certification (singly or combined), various laboratory tests and a training center.
  • The Standards Institution of Israel is a member of international Standards Committees and has cooperation agreements with leading entities around the world.
  • The Standards Institution of Israel is Israel’s representative in the IQNet network that incorporates Certification Bodies (C.B) from around the world.


For information:
Mr. Shuky Price
Mobile: ++972-52-2464574
E-mail: shuky_p@sii.org.il

Mr. Avi Rost
Mobile: ++972-52-4834674
E-mail: Rost_a@sii.org.il

For registration:
Mrs.  Nurit Shauli
Office: ++972-3-6467832
E-mail: nurit_sh@sii.org.il