What is information security management system (ISMS)? - Definition from WhatIs.com

Home
Topics
Security management
Enterprise risk management strategies
information security management system (ISMS)

Definition

information security management system (ISMS)

An information security management system (ISMS) is a set of policies and procedures for systematically managing an organization's sensitive data. The goal of an ISMS is to minimize risk and ensure business continuity by pro-actively limiting the impact of a security breach.

An ISMS typically addresses employee behavior and processes as well as data and technology. It can be targeted towards a particular type of data, such as customer data, or it can be implemented in a comprehensive way that becomes part of the company's culture.

ISO 27001 is a specification for creating an ISMS. It does not mandate specific actions, but includes suggestions for documentation, internal audits, continual improvement, and corrective and preventive action.

Related glossary terms: Mahindra Special Services Group (MSSG) , Cyberoam, vulnerability and patch management

This was last updated in January 2011

Editorial Director: Margaret Rouse

Dig Deeper

Information security budgets: Five steps to obtain management buy-in

Getting management to approve security budgets is difficult. Here are guidelines to help you prepare and present information security budgets effectively.
PCI Council urges P2P encryption for mobile payments

A PCI Council guidance document requires merchants to use a validated PIN entry device or secure card reader to accept payments using mobile devices.
Android security model doing best to enable mobile malware spread

At Information Security Decisions 2012, Dan Guido put the mobile malware focus on the Android security model and Google’s mobile app vetting process.

Show me more

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

Research More Tech Terms

Search thousands of tech definitions
Browse tech definitions
Browse Alphabetically:
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Y
- Z
- #

Powered by WhatIs.com

File Extensions and File Formats

File Extension and File Formats List:

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
#

Powered by WhatIs.com

More from Related TechTarget Sites

CIO
Data Center
Business Intelligence
Security
SMB Security
Financial Security

CIO
- HyperCITY’s retail store management system: Profit with promotions
  
  HyperCITY services a million customers selling them about 40,000 products. Know how one of India’s largest hypermarket chains accomplishes this.
- HP and Dell dominate server market but struggle in cloud
  
  HP and Dell are the largest hardware makers, but the two companies struggle to present strategies that portray them as serious cloud players.
- Four CRM implementation best practices
  
  Ready to invest in CRM? Follow these best practices to ensure your implementation delivers results.
Data Center
- SAN backup and recovery
  
  Moving data can complicate your backup efforts. In this tip, you’ll learn backup goals for SAN environments and backup methods to achieve those goals.
- Why vCloud Architect will be the next must-have cloud certification
  
  While there is no official VMware cloud certification yet, IT pros hoping to get ahead should abandon the siloed approach to IT and prepare to lead their organization to the cloud.
- Facebook Open Compute Project a role model for data centers
  
  Data center experts say most enterprises can’t imitate Facebook’s Open Compute Project, but they could reap the benefits over time.
searchBusinessIntelligenceIN
- To glean value from 'big data' projects, it may take more than Hadoop
  
  Organizations will have to push beyond storage requirements and basic business intelligence tools to exploit big data, according to a Gartner analyst.
- Podcast: How to craft an effective MDM strategy
  
  In this podcast interview, Andy Hayler gives advice on how to create and implement an MDM strategy that is ruthlessly focused on business value.
- On the go the way to go? Answer lies with building mobile BI business case
  
  According to a recent Gartner survey, mobile technology is the second most important priority for CIOs in 2012, but building the business case is easier said than done.
Security
- Adobe and HTML 5: Safer than Flash mobile development?
  
  Expert Nick Lewis determines whether the combination of Adobe and HTML 5 will be safer for enterprises than Flash mobile development.
- MDM security features vs. mobile native security: Striking a balance
  
  MDM features abound, but should they always trump native security features of mobile devices? Lisa Phifer discusses the pros and cons.
- Download presentations from Information Security Decisions 2012
  
  At ISD 2012, many of the industry's leading information security experts gathered to share vendor-neutral expertise and proven security strategies.
searchMidmarketSecurity
- Windows Phone 7 security: Assessing WP7 security features
  
  Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
- Choosing the best security certifications for your career
  
  Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
- Midmarket security tutorials
  
  SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT security industry. Through our tutorials we seek to provide site members with the foundational knowledge needed to deal with the increasingly challenging job of keeping their organizations secure.
searchFinancialSecurity
- Microsoft attempts legal action to disrupt some Zeus botnets
  
  Legal and technical actions could disrupt some Zeus botnet operations by seizing command-and-control servers in Pennsylvania and Illinois.
- More than hype: Security big data helps bank to boost security program
  
  At RSA Conference 2012, Zions Bancorporation detailed how it harvested security big data using a Hadoop-based security data warehouse.
- Web application threats: What you really need to know
  
  In this special presentation, Mike Rothman details today's top Web application threats and pragmatic methods to integrate security into the Web application development process.

All Rights Reserved, Copyright 2009 - 2012, TechTarget