ISO 27001: Security In Securing Business Information

What is Information Security Management system?

What is the Information Security Management system?

  • Part of the overall management system, based on business risk approach, to establish, implement, operate, monitor, review, maintain and improve information security (ISO definition)

Note:  The management system includes organizational structure, policies, planning activities, responsibilities, practices, procedures, processes and resources.

  • Influenced by the organization’s needs and objectives, security requirements, the processes employed and the size and structure of the organization.
Related Articles