Information technology – Security techniques – Information security management systems – Requirements
This International Standard has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. The adoption of an information security management system is a strategic decision for an organization.
The establishment and implementation of an organization’s information security management system is influenced by theorganization’s needs and objectives, security requirements, the organizational processes used and the size and structure of the organization.
