A Survey: Information Security Management System

Abstract

It seems different organizations regarding the grade of importance of the existing
information’s role in them need a strong management in order to protect the security of this
information. The information security refers to protecting information and minimizing
unauthorized access to it. Management system of the information security means the
information security of a part of general and overall information security in an organization
that is based on business risks’ approach and aims to establish, implement, operate, monitor,
verify, maintain and improve information security. In this study, we have tried to introduce
information security management system, types of threatening risks of information systems
and also introduce and offer proper ways to maintain information security of each
organization and then work on necessary requirements in order to design information
security system and phases of implementing management system of information security.