HLS, or High-Level Structure, is a frequently discussed concept in ISO standards. But what does it entail? What are the requirements for companies, and what advantages does it offer in the context of ISO standards?

The modern ISO standards we encounter today are built upon the framework of the HLS (High-Level Structure). HLS can be described as a universal template for management system standards that facilitates the integration of business operations. Information security holds paramount importance for every company, and ISO 27001 serves as an international framework for information security. ISO 27001 can be employed to establish robust information security practices. The latest iteration of ISO 27001 was released in 2017, and it follows the HLS structure. HLS, short for High-Level Structure, is an initiative aimed at creating a standardized framework for management system standards. This structure is founded on a “plug-in” model, designed by ISO in response to market demands for consistent and logically connected management system standards.

The High-Level Structure significantly eases the process of integrating new ISO standards. What makes HLS especially advantageous is the creation of a foundational system, into which various standards can be seamlessly integrated. Organizations need to meet several requirements to effectively implement HLS, including:

  • Risk management
  • Leadership
  • Compliance management (also essential for ISO standards)
  • Demonstrability
  • Improvement management

The benefits of HLS in an organization are manifold. As mentioned, it streamlines the implementation of different ISO standards within the organization, ensuring that management system standards are coherent and logically structured. This approach places the stakeholders’ needs at the core of the organization’s management, granting a more direct role to management and greater involvement in the implementation of the management system.

Share this blog

February 13, 2024

A vulnerability scan, penetration test (pentest) and Red Teaming are...

    November 3, 2023

    “Although we were under the assumption that processes had been...

    November 3, 2023

    “Although we were under the assumption that processes had been...