Information Security Management System
|An International Standard that specifies the requirements for establishing implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization’s overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof.|
It is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.
|It can be applicable to all organization that is having information like software companies, commercial enterprises, government agencies, non-profit organizations|