Global Accelerated Learning • Est. 1999
Glossary Term: Information Security Management System (ISMS)

Training Camp • Cybersecurity Glossary

What is an Information Security Management System (ISMS)?

An Information Security Management System (ISMS) is a risk-based framework of controls for managing information security, standardized by ISO/IEC 27001.

Understanding Information Security Management System (ISMS)

An Information Security Management System (ISMS) is a systematic, risk-based framework of policies, processes, and controls for managing an organization's information security. The internationally recognized standard for an ISMS is ISO/IEC 27001, which specifies requirements for establishing, implementing, maintaining, and continually improving the system. An ISMS follows a Plan-Do-Check-Act cycle and supports formal certification to demonstrate security assurance to stakeholders.
