1. Information Security Management Systems The information security management system is a system in which an organization establishes information security policies and objectives as a whole or within a specific scope, as well as the methods used to achieve these objectives.
2. It is the result of direct management activities, expressed as a collection of policies, principles, objectives, methods, processes, checklists and other elements.