Difference between revisions 765686542 and 765959529 on enwiki

[[File:Risk Management Elements.jpg|thumb|Plan-Do-Check-Act Cycle]]
[[File:Isms framework.jpg|thumb|ENISA: Risk Management and Isms activities]]
An '''information security management system'''<ref>{{cite web|title=Security management system’s usability key to easy adoption|url=http://www.sourcesecurity.com/news/articles/co-4108-ga.8554.html|publisher=sourcesecurity.com|accessdate=22 August 2013}}</ref>  (ISMS) is a set of policies concerned with [[information securi(contracted; show full)

Another competing ISMS is [[Information Security Forum]]'s ''[[Standard of Good Practice]]'' (SOGP). It is more [[best practice]]-based as it comes from ISF's industry experiences.

Yet another competing ISMS is [[The Open Group]]'s "Open Information Security Maturity Model" (
[[Open Information Security Maturity Model|O-ISM3]]). It is more [[Scientific method]]-based.

Some nations publish and use their own ISMS standards, e.g. the Department of Defense (DoD) Information Technology Security Certification and Accreditation Process (DITSCAP) of USA, the [[Department of Defense Information Assurance Certification and Accreditation Process]] (DIACAP) of USA, the German [[IT baseline protection]], ISMS of Japan, ISMS of Korea, Information Security Check Service (ISCS) of Korea.<ref name="isms">{{cite journal|last=Jo|f(contracted; show full)* [[ISO/IEC 27002]]
* [[NIST]]

== References ==
<references/>

{{Authority control}}
[[Category:Data security]]

All content in the above text box is licensed under the Creative Commons Attribution-ShareAlike license Version 4 and was originally sourced from https://en.wikipedia.org/w/index.php?diff=prev&oldid=765959529.

This site is not affiliated with or endorsed in any way by the Wikimedia Foundation or any of its affiliates. In fact, we fucking despise them.