How standards can help you prove that your business is cyber-secure.

British Standards contain the combined knowledge of experienced UK subject experts, often working together with their international colleagues in an open, consensus-based process.

Below are descriptions of these standards and of some other relevant publications that are available from BSI or other organizations:

| Standard number/name | Description/Benefits | Published by |
| --- | --- | --- |
| BS ISO IEC 27001:2013 Information technology. Security techniques. Information security management systems. Requirements | BS ISO/IEC 27001 is the most widely used standard for cyber security certification. | BSI |
| BS ISO IEC 27004 Information security management. Measurement | If you plan to audit an ISMS based on BS ISO/IEC 27001, BS ISO IEC 27004 can help you measure the effectiveness of your management system. | BSI |
| PD ISO/IEC TR 27008 Guidelines for auditors on information security controls | PD ISO/IEC TR 27008 will help you audit your security controls. | BSI |
| BS ISO/IEC 27007 Guidelines for information security management systems auditing | Professional auditors use BS ISO/IEC 27007 as guidance when auditing an ISMS against BS ISO/IEC 27001. | BSI |
| BS ISO/IEC 27006 Requirements for bodies providing audit and certification of information security management systems | Certification bodies must meet the requirements in BS ISO/IEC 27006 if they are to issue internationally recognised ISMS certificates. | |
| BIP 0071 Guidelines on Requirements and Preparation for ISMS Certification based on ISO/IEC 27001 | BSI books will also help, including Guidelines on Requirements and Preparation for ISMS Certification based on ISO/IEC 27001, which can help you prepare your ISMS for auditing. | BSI |
| BIP 0072 Are you ready for an ISMS Audit based on ISO/IEC 27001? | This book could help you to avoid failing an external audit. | |
| BIP 0073 Guide to the Implementation and Auditing of ISMS Controls based on ISO/IEC 27001 | This book will help you audit yourself and understand what external auditors look for. | BSI |
| BIS/14/697 Cyber Essentials Scheme: Assurance Framework | Describes the Cyber Essentials scheme certification processes. | BIS |