Certification to ISO/IEC 27001:2013 helps organizations comply with numerous regulatory and legal requirements that relate to information security. ISO/IEC 27001:2013 specifies the requirements for implementing, maintaining, monitoring, and continually improving the ISMS.