← Cybersecurity Alphabet Soup

ISMS

Information Security Management System

governancemedium

The overall framework of policies, processes, and controls an organization uses to manage information security in a systematic way. It is the core concept behind ISO/IEC 27001, which certifies that an organization runs an ISMS with risk assessment, management commitment, and continual improvement. Having a certified ISMS is a common requirement in vendor security reviews.

Sources

More in governance