Difference between revisions 579060741 and 585786759 on enwiki

[[File:Risk Management Elements.jpg|thumb|Plan-Do-Check-Act Cycle]]
[[File:Isms framework.jpg|thumb|ENISA: Risk Management and Isms activities]]
An '''information security management system'''<ref>{{cite web|title=Security management system’s usability key to easy adoption|url=http://www.sourcesecurity.com/news/articles/co-4108-ga.8554.html|publisher=sourcesecurity.com|accessdate=22 August 2013}}</ref>  (ISMS) is a set of policies concerned with [[information securi(contracted; show full)
* '''Obsolete evaluation of security concerns'''
The evaluations of security concerns used in an ISMS become obsolete as technology progresses and new threats and vulnerabilities arise. Continuous security evaluation of organizational products, services, methods and technology is essential to maintain an effective ISMS. The evaluated security concerns need to be re-evaluated. A continuous security evaluation mechanism for the ISMS within the organization is critical to achieving information security objectives. The re-evaluation process is tied to the dynamic security requirement management process discussed above.<ref name="dynamic"/>

== See also ==
{{Portal|Computer security}}
* [[Asset (computing)]]
* [[Attack (computing)]]
* [[CERT Coordination Center|CERT]]
* [[COBIT]]
* [[ENISA]]
* [[Enterprise architecture]]
* [[FISMA]]
* [[Information security management]]
* [[IT governance]]
* [[ITIL]]
* [[IT risk]]
* [[ISO 9001]]
* [[ISO/IEC 27001]]
* [[ISO/IEC 27002]]
* [[ISO/IEC 27004]]
* [[ISO/IEC 27005]]
* [[NIST]]
* [[PDCA]]
* [[Security control]]
* [[Security information and event management]]
* [[Threat (computer)]]
* [[Vulnerability (computing)]]
* [[WARP (information security)]]
* [[TRAC (ISMS)]]

== Notes and references ==
<references/>


[[Category:Data security]]