The Ministry of Defense has passed the certification of the information security management system

The Ministry of Defense of Ukraine successfully passed the certification of the information security management system according to the national standard of DSTU ISO/IEC 27001:2023 (equivalent to the international standard ISO/IEC 27001:2022). About this informs press service of the Ministry of Defense.

This standard is internationally recognized as key in the field of information and cyber security. Its main goal is to create an integrated, continuous security system based on risk management and continuous process improvement.

The Ministry of Defense became the first Ukrainian ministry to implement an information security system based on the mentioned standards. The preparation lasted two years, and the inspection itself was carried out by independent external auditors and an authoritative certification body.

“A comprehensive approach to cyber resilience is possible only on the basis of leading international standards and best practices. This is important not only for our safety, but also for the trust of our partners. At a time when our cybersecurity legislation is being updated, the Ministry of Defense is taking steps first. We hope that others will follow us very soon. We are ready for cooperation”, – said Kateryna Chernogorenko, Deputy Minister of Defense of Ukraine for Digitalization.

The ISO/IEC 27001 standard covers all security procedures and mechanisms of the organization. Its implementation allows you to form effective cyber protection policies and implement reliable control tools that help reduce risks. Currently, the certificate is valid for IT units and systems under their management, and in the future it is planned to extend the coverage to other structures of the Ministry.