Difference between revisions 623510641 and 642882509 on enwiki

[[File:Risk Management Elements.jpg|thumb|Plan-Do-Check-Act Cycle]]
[[File:Isms framework.jpg|thumb|ENISA: Risk Management and Isms activities]]
An '''information security management system'''<ref>{{cite web|title=Security management system’s usability key to easy adoption|url=http://www.sourcesecurity.com/news/articles/co-4108-ga.8554.html|publisher=sourcesecurity.com|accessdate=22 August 2013}}</ref> (ISMS) is a set of policies concerned with [[information securi(contracted; show full)lnerabilities arise. Continuous security evaluation of organizational products, services, methods and technology is essential to maintaining an effective ISMS. Security concerns that have already been evaluated need to be re-evaluated. A continuous security evaluation mechanism for the ISMS within the organization is critical to achieving information security objectives. The re-evaluation process is tied to the dynamic security requirement management process discussed above.<ref name="dynamic"/>

== See also ==

{{Too many see alsos|date=January 2015}}
{{Portal|Computer security}}
* [[Asset (computing)]]
* [[Attack (computing)]]
* [[CERT Coordination Center|CERT]]
* [[COBIT]]
* [[ENISA]]
* [[Enterprise architecture]]
* [[FISMA]]
* [[Information security management]]
* [[IT governance]]
* [[ITIL]]
* [[IT risk]]
* [[ISO 9001]]
* [[ISO/IEC 27001]]
* [[ISO/IEC 27002]]
* [[ISO/IEC 27004]]
* [[ISO/IEC 27005]]
* [[NIST]]
* [[PDCA]]
* [[Security control]]
* [[Security information and event management]]
* [[Threat (computer)]]
* [[Vulnerability (computing)]]
* [[WARP (information security)]]
* [[TRAC (ISMS)]]

== Notes and references ==
<references/>

[[Category:Data security]]