The ISO/IEC 27001:2013, awarded by the International Organization for Standardization encompasses the requirements for establishing, implementing, maintaining the Information technology security techniques. This certification will help organizations to keeps confidential information secure, provides customers and stakeholders with confidence in how you manage risk and allows for secure exchange of information and provide you with a competitive advantage. Obtaining this certification demonstrates SECP’s strong commitment to the ongoing development and continuous improvement of its enterprise ISMS, making information security and data protection an integral part of all its business processes. Aamir Khan, Chairman SECP said, “We are proud to have earned this certification, attesting that our highest level of controls is in place when handling SECP’s and its regulates information. SECP has even established a governance program that includes the Information Security –Governance, Risk Management and Compliance Council (IS- GRCC) whose job is to support the ongoing information and cyber security enhancements. With ISO 27001 ISMS Certification, we are effectively meeting the industry benchmark towards complying with information and cyber security standards.” The ISO/IEC 27001:2013 Certification is a showcase of SECP’s overall strategy to ensure that its key IT, Data Centre, Human Resource Security, Physical and Environmental Protection and Social Media Security services comply with the highest international and regional standards, and that its services are based on globally accepted standards and protocols. To hold this qualification as one of the one of the regulatory body of Pakistan is a significant achievement for SECP.