{"id":8507,"date":"2014-01-03T16:38:57","date_gmt":"2014-01-03T16:38:57","guid":{"rendered":"https:\/\/www.techopedia.com\/definition\/information-security-management-system\/"},"modified":"2014-01-03T19:11:50","modified_gmt":"2014-01-03T19:11:50","slug":"information-security-management-system","status":"publish","type":"definition","link":"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms","title":{"rendered":"Information Security Management System"},"content":{"rendered":"<h2><span id=\"what_does_information_security_management_system_mean\">What Does Information Security Management System Mean?<\/span><\/h2>\n<p>An information security management system (ISMS) is a set of frameworks that contain policies and procedures for tackling security risks in an organization. The focus of an ISMS is to ensure business continuity by minimizing all security risks to information assets and limiting security breach impacts to a bare minimum.<\/p>\n<h2><span id=\"techopedia_explains_information_security_management_system\">Techopedia Explains Information Security Management System<\/span><\/h2>\n<p>BS7799, which is derived from ISO 17799, provides the necessary specifications for documenting, designing and implementing an ISMS.<\/p>\n<p>An ISMS accounts for an organization&#8217;s different elements, such as:<\/p>\n<ul>\n<li>Human resources (HR)<\/li>\n<li>Organizational processes and procedures<\/li>\n<li>Information and technologies<\/li>\n<\/ul>\n<p>Key ISMS factors are:<\/p>\n<ul>\n<li>Data integrity: Access restriction and protection of data from unauthorized resources<\/li>\n<li>Availability: Organizational information available to authorized resources without any issues<\/li>\n<li>Confidentiality: Protection of information from unauthorized resources<\/li>\n<\/ul>\n<p>Benefits of implementing an ISMS are:<\/p>\n<ul>\n<li>Decrease in downtime of IT systems<\/li>\n<li>Decrease in security related incidents<\/li>\n<li>Increase in meeting an organization&#8217;s compliance requirements and standards<\/li>\n<li>Increase in customer satisfaction, demonstrating that security issues are tackled in the most appropriate manner<\/li>\n<li>Increase in quality of service<\/li>\n<li>Process approach adoption, which helps account for all legal and regulatory requirements<\/li>\n<li>More easily identifiable and managed risks<\/li>\n<li>Also covers information security (IS) (in addition to IT information security)<\/li>\n<li>Provides a competitive edge to an organization with the help of tackling risks and managing resources\/processes<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>What Does Information Security Management System Mean? An information security management system (ISMS) is a set of frameworks that contain policies and procedures for tackling security risks in an organization. The focus of an ISMS is to ensure business continuity by minimizing all security risks to information assets and limiting security breach impacts to a [&hellip;]<\/p>\n","protected":false},"author":7813,"featured_media":0,"comment_status":"open","ping_status":"closed","template":"","format":"standard","meta":{"_acf_changed":false,"_lmt_disableupdate":"","_lmt_disable":"","om_disable_all_campaigns":false,"footnotes":""},"definitioncat":[231,218,229],"class_list":["post-8507","definition","type-definition","status-publish","format-standard","hentry","definitioncat-it-business-alignment","definitioncat-cybersecurity","definitioncat-infrastructure-management"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v23.8 (Yoast SEO v23.8) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>What is an Information Security Management System (ISMS)? - Definition from Techopedia<\/title>\n<meta name=\"description\" content=\"This definition explains the meaning of Information Security Management System and why it matters.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Information Security Management System\" \/>\n<meta property=\"og:description\" content=\"This definition explains the meaning of Information Security Management System and why it matters.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms\" \/>\n<meta property=\"og:site_name\" content=\"Techopedia\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/techopedia\/\" \/>\n<meta property=\"article:modified_time\" content=\"2014-01-03T19:11:50+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@techopedia\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms\"},\"author\":{\"name\":\"Margaret Rouse\",\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/person\/f5dd538e31ee352d105b8af36c4268a5\"},\"headline\":\"Information Security Management System\",\"datePublished\":\"2014-01-03T16:38:57+00:00\",\"dateModified\":\"2014-01-03T19:11:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms\"},\"wordCount\":230,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.techopedia.com\/#organization\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms#respond\"]}],\"articleSection\":\"\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms\",\"url\":\"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms\",\"name\":\"What is an Information Security Management System (ISMS)? - Definition from Techopedia\",\"isPartOf\":{\"@id\":\"https:\/\/www.techopedia.com\/#website\"},\"datePublished\":\"2014-01-03T16:38:57+00:00\",\"dateModified\":\"2014-01-03T19:11:50+00:00\",\"description\":\"This definition explains the meaning of Information Security Management System and why it matters.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.techopedia.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Business Software\",\"item\":\"https:\/\/www.techopedia.com\/topic\/34\/it-business-alignment\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Infrastructure Management\",\"item\":\"https:\/\/www.techopedia.com\/topic\/23\/infrastructure-management\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Term\",\"item\":\"https:\/\/www.techopedia.com\/definition\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"Information Security Management System\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.techopedia.com\/#website\",\"url\":\"https:\/\/www.techopedia.com\/\",\"name\":\"Techopedia\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.techopedia.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.techopedia.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.techopedia.com\/#organization\",\"name\":\"Techopedia\",\"url\":\"https:\/\/www.techopedia.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2023\/08\/techopedia-light.svg\",\"contentUrl\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2023\/08\/techopedia-light.svg\",\"width\":209,\"height\":37,\"caption\":\"Techopedia\"},\"image\":{\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/techopedia\/\",\"https:\/\/x.com\/techopedia\",\"https:\/\/www.linkedin.com\/company\/techopedia\/\",\"https:\/\/www.youtube.com\/c\/Techopedia\"],\"publishingPrinciples\":\"https:\/\/www.techopedia.com\/about\/editorial-policy\",\"ownershipFundingInfo\":\"https:\/\/www.techopedia.com\/about\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/person\/f5dd538e31ee352d105b8af36c4268a5\",\"name\":\"Margaret Rouse\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.techopedia.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2023\/02\/margaret-rouse-headshot.jpeg\",\"contentUrl\":\"https:\/\/www.techopedia.com\/wp-content\/uploads\/2023\/02\/margaret-rouse-headshot.jpeg\",\"caption\":\"Margaret Rouse\"},\"description\":\"Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret\u2019s idea of \u200b\u200ba fun day is to help IT and business professionals to learn to speak each other\u2019s highly specialized languages.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/margaretrouse\/\",\"https:\/\/x.com\/https:\/\/twitter.com\/@techdefinitions\"],\"knowsAbout\":[\"Technology expert\"],\"url\":\"https:\/\/www.techopedia.com\/contributors\/margaret-rouse\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"What is an Information Security Management System (ISMS)? - Definition from Techopedia","description":"This definition explains the meaning of Information Security Management System and why it matters.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms","og_locale":"en_US","og_type":"article","og_title":"Information Security Management System","og_description":"This definition explains the meaning of Information Security Management System and why it matters.","og_url":"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms","og_site_name":"Techopedia","article_publisher":"https:\/\/www.facebook.com\/techopedia\/","article_modified_time":"2014-01-03T19:11:50+00:00","twitter_card":"summary_large_image","twitter_site":"@techopedia","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms#article","isPartOf":{"@id":"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms"},"author":{"name":"Margaret Rouse","@id":"https:\/\/www.techopedia.com\/#\/schema\/person\/f5dd538e31ee352d105b8af36c4268a5"},"headline":"Information Security Management System","datePublished":"2014-01-03T16:38:57+00:00","dateModified":"2014-01-03T19:11:50+00:00","mainEntityOfPage":{"@id":"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms"},"wordCount":230,"commentCount":0,"publisher":{"@id":"https:\/\/www.techopedia.com\/#organization"},"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms#respond"]}],"articleSection":""},{"@type":"WebPage","@id":"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms","url":"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms","name":"What is an Information Security Management System (ISMS)? - Definition from Techopedia","isPartOf":{"@id":"https:\/\/www.techopedia.com\/#website"},"datePublished":"2014-01-03T16:38:57+00:00","dateModified":"2014-01-03T19:11:50+00:00","description":"This definition explains the meaning of Information Security Management System and why it matters.","breadcrumb":{"@id":"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.techopedia.com\/definition\/16515\/information-security-management-system-isms#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.techopedia.com\/"},{"@type":"ListItem","position":2,"name":"Business Software","item":"https:\/\/www.techopedia.com\/topic\/34\/it-business-alignment"},{"@type":"ListItem","position":3,"name":"Infrastructure Management","item":"https:\/\/www.techopedia.com\/topic\/23\/infrastructure-management"},{"@type":"ListItem","position":4,"name":"Term","item":"https:\/\/www.techopedia.com\/definition"},{"@type":"ListItem","position":5,"name":"Information Security Management System"}]},{"@type":"WebSite","@id":"https:\/\/www.techopedia.com\/#website","url":"https:\/\/www.techopedia.com\/","name":"Techopedia","description":"","publisher":{"@id":"https:\/\/www.techopedia.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.techopedia.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.techopedia.com\/#organization","name":"Techopedia","url":"https:\/\/www.techopedia.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.techopedia.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2023\/08\/techopedia-light.svg","contentUrl":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2023\/08\/techopedia-light.svg","width":209,"height":37,"caption":"Techopedia"},"image":{"@id":"https:\/\/www.techopedia.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/techopedia\/","https:\/\/x.com\/techopedia","https:\/\/www.linkedin.com\/company\/techopedia\/","https:\/\/www.youtube.com\/c\/Techopedia"],"publishingPrinciples":"https:\/\/www.techopedia.com\/about\/editorial-policy","ownershipFundingInfo":"https:\/\/www.techopedia.com\/about"},{"@type":"Person","@id":"https:\/\/www.techopedia.com\/#\/schema\/person\/f5dd538e31ee352d105b8af36c4268a5","name":"Margaret Rouse","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.techopedia.com\/#\/schema\/person\/image\/","url":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2023\/02\/margaret-rouse-headshot.jpeg","contentUrl":"https:\/\/www.techopedia.com\/wp-content\/uploads\/2023\/02\/margaret-rouse-headshot.jpeg","caption":"Margaret Rouse"},"description":"Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret\u2019s idea of \u200b\u200ba fun day is to help IT and business professionals to learn to speak each other\u2019s highly specialized languages.","sameAs":["https:\/\/www.linkedin.com\/in\/margaretrouse\/","https:\/\/x.com\/https:\/\/twitter.com\/@techdefinitions"],"knowsAbout":["Technology expert"],"url":"https:\/\/www.techopedia.com\/contributors\/margaret-rouse"}]}},"_links":{"self":[{"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/definition\/8507"}],"collection":[{"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/definition"}],"about":[{"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/types\/definition"}],"author":[{"embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/users\/7813"}],"replies":[{"embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/comments?post=8507"}],"version-history":[{"count":0,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/definition\/8507\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/media?parent=8507"}],"wp:term":[{"taxonomy":"definitioncat","embeddable":true,"href":"https:\/\/www.techopedia.com\/wp-json\/wp\/v2\/definitioncat?post=8507"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}