The Information Security Management System based on ISO 27001:2013 standard is applicable for information technology covering security techniques to meet requirements for establishing, implementing, maintaining and continually improving ISMS in any organization. Globally many IT companies working for software development, BPOs, KPOs, Banking sectors, government organizations and many service sector units are already certified by ISO 27001:2005 IT security management system.