
Exploring the key success factors of introducing ISO 27001 into an information security policy

(English title as given: The key success factors of implementing ISO 27001 in the information security policy)

Advisor: 吳肇銘

Abstract


In recent years, with the advance of information technology and the spread of the Internet, modern weapon systems have gradually become digitized and networked. The challenge they face is no longer a physical enemy but an unseen one hiding on the network. For the national armed forces (國軍), information security is not only the protection of sensitive data; it bears directly on national security, and the risks and crises it may conceal cannot be ignored.

This study took military units in Taiwan that have passed ISO 27001 certification as the recipients of an expert questionnaire, and from it proposed a hierarchical framework of the key success factors affecting ISO 27001 adoption and their important evaluation criteria. Questionnaires were then distributed to members of information security departments at all levels, both in military units that have passed ISO 27001 certification and in units that have not yet done so, and the returned questionnaires were analyzed with the Analytic Hierarchy Process (AHP) to identify where certified and not-yet-certified units differ in their perception of the key success factors.

The results show: (1) certified and not-yet-certified units alike agree that the second-level area "physical and environmental security" is the key success area for introducing ISO 27001, and that at the third level "protection against external and environmental threats" and "information security awareness, education and training" are the key success factors; (2) introducing ISO 27001 into the information security policy effectively reduces the occurrence of information security violations; (3) units encountered three obstacles when introducing ISO 27001: lack of attention from senior commanders (managers), low cooperation from staff as a whole, and insufficient funding.

In summary, it is hoped that this study will lead units to attach greater importance to information security, to understand in depth the key success factors and the likely obstacles in introducing ISO 27001 into their information security policy, and to use these findings as a reference direction for improvement, with certification to the ISO 27001 international standard as a future goal.

Abstract (English, as given)


In recent years, with the development of information technology and the popularity of the Internet, modern weapons systems have gradually become digitized and networked. Nowadays the enemy we confront is no longer a tangible one, but an invisible one hiding behind the Internet. For the Taiwan military, information security is not only the protection of confidential information and data, but is also tied to national security, so we cannot ignore the potential risks and dangers. The expert questionnaires of this study were directed at Taiwan military units that have been successfully certified under ISO 27001, and the study offers the critical success factors that influence the implementation of ISO 27001 and a hierarchical structure of the important assessment factors. Furthermore, the study distributed questionnaires to every information security department of the Taiwan military, including military units that are not yet certified, used AHP (Analytic Hierarchy Process) to analyze the returned questionnaires, and then identified the differences among participants in their perception of the critical success factors. According to the results of this research: (a) participants from both certified and non-certified units agreed that "physical and environmental security", one of the 2nd-level items, is the main critical success area for successful implementation of ISO 27001, and that two 3rd-level items, "prevention of external and environmental threats" and "information security awareness, education and training", are the critical success factors for successful implementation of ISO 27001; (b) implementing ISO 27001 in the information security policy has been shown to efficiently reduce information security violation events; (c) there were three hindrances that participants encountered when implementing ISO 27001: superiors did not take it seriously, colleagues did not cooperate, and funding was insufficient.
To sum up, we expect that through this study participants will put more emphasis on the importance of information security and deeply understand the critical success factors and obstacles they might meet while implementing an information security policy under ISO 27001, which can provide them with a useful reference point; at the same time, obtaining the ISO 27001 international standard certificate can be the future goal of every military unit.


Cited by


陳俊瑋 (2016). Evaluation of the factors affecting information security regulations (資訊安全規範影響因素評估) [Master's thesis, Chung Yuan Christian University]. Airiti Library. https://doi.org/10.6840/cycu201600681
