An information security management system (ISMS) is a set of policies concerned with information security management or IT related risks. The idioms arose primarily out of ISO 27001.
The governing principle behind an ISMS is that an organization should design, implement and maintain a coherent set of policies, processes and systems to manage risks to its information assets, thus ensuring acceptable levels of information security risk.
Read more about Information Security Management System: ISMS Description, Need For A ISMS, Critical Success Factors For ISMS
Famous quotes containing the words information, security, management and/or system:
“But while ignorance can make you insensitive, familiarity can also numb. Entering the second half-century of an information age, our cumulative knowledge has changed the level of what appalls, what stuns, what shocks.”
—Anna Quindlen (b. 1952)
“In the long course of history, having people who understand your thought is much greater security than another submarine.”
—J. William Fulbright (b. 1905)
“People have described me as a “management bishop” but I say to my critics, “Jesus was a management expert too.””
—George Carey (b. 1935)
“Social and scientific progress are assured, sir, once our great system of postpossession payments is in operation, not the installment plan, no sir, but a system of small postpossession payments that clinch the investment. No possible rational human wish unfulfilled. A man with a salary of fifty dollars a week can start payments on a Rolls-Royce, the Waldorf-Astoria, or a troupe of trained seals if he so desires.”
—John Dos Passos (1896–1970)