Upcoming events

  • No upcoming events

Latest ISLF News

Menu
Log in

CIAPC

Setting the Gold Standard for Information Assurance Practices Globally

Information Security Program Benchmark Initiative


The year 2026 marks the launch of the CIAPC's FREE information Security Program Benchmark Initiative. The program will allow eligible members to benchmark their organization's information security program against the 2022 version of the internationally recognized gold standard, ISO 27001.

The program has been designed to provide an accessible tool to empower information security leaders with the means to assess the strengths and weaknesses of their internal information security programs. We understand that given the foundation of the program, it may not be for everyone. However great care has been taken to make it as inclusive as possible for a global audience.

Participating organizational leaders will receive a customized report for their organization, highlighting strengths and opportunities, based on the subjective data entered by the organization's representative during their participation. 

Eligibility

To participate in the Information Security Program Benchmark initiative, participants must meet the following prerequisites:

  1. be serving in a dedicated organizational Chief Information Security Officer (CISO) role for the organization you would be participating on behalf of; and
  2. be an active member of the CIAPC in good standing;
  3. be a member of the CIAPC's CISO group (access to the benchmark program registration page is restricted to only members of this group);
  4. be authorized by your organization to participate in this program;
  5. you must have a firm understanding of the status of your organization's security posture and individual controls, sufficient to answer bench-marking questions based on the full scope of ISO 27001, or setup a team with knowledge in all areas to collectively go through the benchmark tool with you; and
  6. you have completed the application and have been approved to be admitted into the program.

This criteria is subject to verification by the CIAPC as deemed necessary

NOTES:

  1. Freelancers and individuals involved in customer facing consulting services and similar roles, who use the CISO title, are not eligible for participation in this private CIAPC program; and
  2. Use of this tool is restricted to only those in organization not offering GRC or similar commercial product or tool offerings. If your organization offers for sale, or consults to, or for such organizations, your organization is ineligible to participate.

Availability / Program Dates

The Information Security Program Benchmark Program runs annually, as follows:

  • Open participation between September 1st through to November 30th each year. The tool is not accessible outside of these time-frames;
  • Copies of custom participant reports (based on your organization) will be made available privately within 30-days of completion in the first year of the program, the time-frame for which will be driven in a large part based on the volume of participation. Our goal is to make these report available in a greatly reduced time-frame in subsequent years; and
  • Copies of the global anonymized report will be published by January 30th of the following year,  and available by free download by all members of the CIAPC, as well as through participating program sponsors.

Cost

Participation in the bench-marking program is completely FREE. Additionally, there is no cost for your organizational report each qualified participant receives, nor the anonymized global benchmark report produced by the CIACC for the public.

Click the button below to apply to participate in the 2026 Information Security Program Benchmark Program. All applicants that meet the above eligibility criteria will be approved.  You will be notified within 5 business days on the disposition of your application. Upon approval, your access will be enabled and an e-mail notification will be sent to the e-mail address in your CIAPC account.