In recent year with the intensive use of the information technologies, data security has been turned into a critical and important issue in organizational management. Various Standard and rules are there for the security of Information, for example, ISO/IEC 27001, ISO/IEC 27002. However, organization face different challenges for implementing the standard. In this paper, we present the status of the ISO/IEC 27001 execution process in a Small and Medium Sized Enterprise. By executing ISO 27001, organization got the chance to prove authenticity and show the clients that the organization is working according to recognized best practices. It helped the organization "IKSC Knowledge Bridge Pvt Ltd." in reducing cost, risks, and increases the brand value. The outcomes obtained conclude not just the need to think about the technical, legal aspects of organization but also those related to people like training, knowledge, create awareness, to achieve a successful management of information security