ISO/IEC 27001 , in the name of Information Security Management System: ISMS, is a management standard for Information Security. This system was originated by British Standards Institution: BSI, where BS7799-1 were first released focusing on technical standard. Later on, BSI released the second standard about Specification for ISMS, highlighted on PDCA (Plan, Do, Check, Action) cyclic process, causing more dynamic of information security and management and its standard linked to ISO management system because the two systems purposely protect the organization’s information in terms of Confidential, Integrity, and Availability which commonly used as CIA. After BS 7799-1 and BS 7799-2 were well-known and widely applied as Information Security standard, ISO, in associated with IEC, International Electro technical Commission, adopted these two original practices and finally published as ISO/IEC 27002 and ISO/IEC 27001 standard edition. CAT’s Data Center was also certified by ISO 27001.