An Information Security Management System is a systematic approach to manage the organisation’s sensitive information so that the organisation remains secure. It encompasses IT systems, Process and People.Certification of an organization’s ISMS ensures that the organization has a defined system for establishing, implementing, operating, reviewing, maintaining and improving the security of information including those of customer, held by the organization. The implemented ISMS ensure handling of overall business risks by implementation of security controls customized to the needs of the organization thus increasing the productivity of the people and enhancing corporate imageSO/IEC 27001 is the only auditable international standard which defines the requirements for an Information Security Management System (ISMS). The standard is designed to ensure the selection of adequate and proportionate security controls.Knowing the most important assets of your company is a must. You must be able to evaluate the assets you need to protect and those that need to be considered critical. There are many companies that have taken the risk of not protecting their valuable information and have paid for it. Having your data and information protected is vital for your company and this is where an ISO 27001:2013 comes in ISO 27001 certification looks intently at the totality of an organization’s information assets and then steps through a process which gauges risks related to these assets. Participants in the process look at the likelihood of an attack or failure, the impact that such an attack or failure would have on the organization and the effectiveness of controls intended to protect the assets. It Increased Reliability and Security of the Systems.