Skip to Menu Skip to Search Contact Us India Websites & Languages Skip to Content

We offer certification audits to assess your information security and manage systems against ISO/IEC 27001 and ISO/IEC 20000 standards.

ISO/IEC 27001 is the standard for methodically evaluating information security risks and analysing the possible impact of threats and vulnerabilities to your business functions and customers.

ISO/IEC 20000 is the IT Service Management System (SMS) standard, specifying the requirements for planning, establishing, implementing, operating, monitoring, reviewing, maintaining and improving your Service Management System.

We provide ISO/IEC 27001 and ISO/IEC 20000 certification audits to assess your organization’s information and service management system security against the standards’ requirements.

Why choose ISO/IEC 27001 and ISO/IEC 20000 certification audits from SGS?


We assess your information security against the ISO/IEC 27001 standard, which enables you to:

  • Demonstrate your commitment to information security
  • Enforce information security
  • Reduce the risk of fraud, information loss and disclosure
  • Improve employee ethics and strengthen confidentiality throughout your organisation

We assess your service management system against the ISO/IEC 20000 standard, which enables you to:

  • Confirm the compliance of your IT service management system to ISO/IEC 20000 requirements
  • Provide quality assurance
  • Achieve a consistent approach to your service lifecycle and supply chain
  • Demonstrate your capability for the planning, design, transition, delivery and improvement of services

Is there a legal requirement to comply with or be certified to ISO/IEC 27001 or ISO/IEC 20000?

Essentially, there is no legal requirement for certification. However, a vast majority of organisations choose to implement the requirements of the certifying authority, in order to reap the many benefits it provides.

In some cases, however, your organisation may be contractually obligated to protect the information of certain clients and stakeholders, which may require ISO 27001 certification. In such cases, certification becomes a legal requirement.

Why SGS?

As the global leader in certification, we offer you in-depth expertise of ISO/IEC 27001 and ISO/IEC 20000 certification requirements.

We have unrivalled experience in undertaking and successfully executing large-scale, complex international projects. With a presence in every region around the globe, our people speak the language and understand the culture of your local market.