ISO / IEC 27001: 2013 is a standard of the International Organization for Standardization (ISO) that specifies the requirements for the establishment, implementation, maintenance and continuous improvement of information security management systems. This is an internationally recognized standard that includes requirements for the assessment and treatment of information security risks, and is applicable to all organizations regardless of their type or size.

The information security management system in IMBiH is implemented and harmonized with the requirements of this standard and integrated into all organizational business processes and management structure of IMBiH, with the aim of providing continuous assessment and management of information security risks, in order to achieve IMBiH business goals.

As a result, IMBIH has successfully completed the certification process by the leading international certification company Bureau Veritas.

IMBIH is the second state institution certified according to ISO / IEC 27001: 2013, after the Agency for Identification Documents, Regosters and Data Exchange of Bosnia and Herzegovina.