As the use of information technology in organizations grows, complex information systems are being established. Organizations tend to protect their important information, the information of partner organizations, and customer information.
An Information Security Management System (ISMS) provides an overall model covering risk assessment, the planning and establishment of information security, information security management, and information security reassessment.
The design and implementation of an ISMS in an organization depend on the needs and objectives of the organization's activities and the resulting security requirements, the processes used, and the size and structure of the organization. An ISMS ensures appropriate security controls and adequate security of information resources, and it provides appropriate security to customers and other interested parties.
ISO/IEC 27001 Information Security Management Systems (ISMS) – Specification guideline for implementation – is the standard that specifies the requirements for implementing, establishing, operating, monitoring, reviewing, maintaining and improving a documented ISMS. It specifies requirements for establishing security controls adapted to the needs of an organization.
An organization declares that it meets the information security management system requirements through certification according to ISO/IEC 27001. A certified organization is entitled to use a certification mark for the certified scopes.