CSM27001: Scheme Background

CyberSecurity Malaysia Information Security Management System Audit and Certification (CSM27001) Scheme 

The CSM27001 Scheme supports the ‘National Security and Public Safety’ pillar under the Economic Transformation Program (ETP) by way of building resiliency in both Critical National Information Infrastructure (CNII) and the industry; as well as to support the pillar of ‘Catalyst of Growth for Industry’ by providing MS ISO/IEC 27001 certified organisation a benchmark to compete effectively against similar organisations on a global scale. 

With the Scheme, various information security goals, such as protecting the confidentiality, availability, authenticity, non-repudiation, and integrity of information handled by the organisation could be achieved through a certification programme based on the internationally recognised standard ISO/IEC 27001. Given the information-intense characteristics of a modern economy, information security is a growing spending priority among most companies. Based on a research by the University of Maryland, this growth in spending is occurring in a variety of areas including antiviruses, sophisticated encryption techniques, intrusion detection systems, automated data backup, and hardware devices.

 As of today, more than 20 local organisations had been certified under the CSM27001 Scheme and more than 7,000 organisations had been certified worldwide.


Information Security Certification Body (ISCB)
CyberSecurity Malaysia,
Level 7 Tower 1, Menara Cyber Axis,
Jalan Impact, 63000 Cyberjaya,
Selangor Darul Ehsan, Malaysia.

Monday - Friday 08:30-17:30 MYT (Note: closed on Saturday, Sunday and Public Holiday)

T: +603 - 8800 7999
F: +603 - 8008 7000


For certification enquiry: