Understanding Information Security Management Systems.

An Information Security Management System (ISMS) is a systematic approach to managing the security of information assets. It includes policies, procedures, plans, processes, practices, roles, responsibilities, structures and resources. Some of the major ISMS objectives are to:

  1. Ensure the confidentiality, integrity and availability of information assets
  2. Ensure privacy and gain the trust of customers/users
  3. Establish a cost effective and consistent information security structure
  4. Help to detect, respond to, and recover from security incidents
  5. Provide a mechanism to mitigate the risks to information and the business damage from incidents
  6. Reduce potential losses from security breaches


by following the traditional Deming cycle of "Plan, Do, Check and Act"


Log In

Enter Remind password

Type your e-mail address and we'll send you new password