ISO/IEC 27001:2013

Certification of Information Security Management Systems (ISMS)
(ISO 27001:2013 loses its validity on October 31st, 2025 and will be replaced by ISO 27001:2022.)


Information security is increasingly becoming an indispensable part of good corporate governance. An Information Security Management System (ISMS) that complies with the international standard ISO/IEC 27001 offers a risk-based and cost-optimised basis for meeting increasingly stringent information security requirements. SQS, as a leading certification organisation for information security in Switzerland, audits both the information security management system itself and its implementation. That is why the SQS certificate also has such a good international reputation.


ISO/IEC 27001 raises awareness of the fact that information is a valuable asset which must be protected (company-wide awareness campaign). It also helps to identify and minimise the risks associated with information security, provides the necessary legal and contractual foundations and promotes trust when dealing with customers, public organisations and the e-commerce sector.

Target groups

Companies and organisations of all industries and sizes.


3 years - there is an annual audit to ensure that standards are being maintained and a recertification audit after three years.


The SQS certificate ISO/IEC 27001 has international validity and is recognised worldwide through the IQNET membership.


ISO/IEC 27001 can be combined with ISO/IEC 20000-1 (IT service management), ISO 9001 (Quality management), ISO 14001 (Environmental management) and GoodPriv@cy® (Data protection), DPCO:2014 (certification of data protection management systems).

Lead Auditor
Simon Maurer