SDS ILS (Voluntary Certification System)

2026: Information Security Auditors Certification Launch

On February 13, 2026, the ABISS Association announced a new stage in the development of the ABISS Voluntary Certification System (SDS ABISS), designed to confirm the quality and safety of information security services. After the successful registration of the system and the launch of certification of information security specialists, the Association begins certification of organizations.

In 2025, SDS ILS made a significant development path: from registration in Rosstandart, the development and conduct of exams for information security specialists to the creation of an independent assessment procedure for organizations in terms of the provision of information security services. SDS ILS are an element of self-regulation of the information security market and at the same time does not contradict, but harmoniously complements the state regulation of the information security sphere by various departments.

The first certified service was the assessment of compliance with the requirements information protection financial of organizations (GOST R 57580.1-2 and related Regulations). Bank of Russia The next step is planned to develop certification in the field of ensuring operational reliability (GOST R 57580.4-5). The availability of the VTS certificate ILS becomes a significant indicator of the quality of compliance assessments, which affects the choice of performers by financial institutions, and for regulators it makes it possible to use the audit results within the framework of control and supervision activities.

Chairman of the ABISS Anastasia Kharybina: "In parallel with the development of SDS ILS, our Association, together with the Bank of Russia, is actively working on a new national standard establishing requirements for conducting compliance assessments. As of February 2026, the Technical Committee 122 has completed the first consideration of the draft GOST R 57580.X, and we expect its registration by the end of 2026. The entry into force of this standard will create a request to the information security market for a significant number of proven certified organizations and specialists. That is why we are launching certification of organizations, for which we have issued the internal standard ABISS (STO ILS), the requirements of which are harmonized with the draft national standard. "

The value of certification lies not in the formal compliance of information security auditors with regulatory requirements, but in an independent verification mechanism that helps customers identify and engage trusted service providers. In turn, confirmation of qualification within the framework of SDS ABISS gives ILS of security organizations the opportunity to participate in projects where independent certification of performers is required. Thus, the launch of certification of organizations and specialists based on the SDS ILS forms a single trust mechanism aimed at confirming the quality and safety of information security services, including services for assessing compliance with the Bank of Russia's information security requirements.

In developing the SDS ILS, the Association attracted experts with many years of practical experience in providing services for assessing compliance not only with the requirements of Russian legislation, but also with the requirements of international standards for the protection of information. This made it possible to use the best international practices and take into account the specifics of the requirements of national standards when developing the ILS SDS.