What type of system ensures a coherent Information Security organisation?
A. Federal Information Security Management Act (FISMA)
B. Information Technology Service Management System (ITSM)
C. Information Security Management System (ISMS)
D. Information Exchange Data System (IEDS)
Answer: C
Explanation:
An Information Security Management System (ISMS) is a systematic approach to managing the security of information assets within an organization. It includes the policies, processes, and controls that address the risks and opportunities related to information security. An ISMS is based on the Plan-Do-Check-Act (PDCA) cycle, which consists of four phases: establishment, implementation, operation, and maintenance. Therefore, an ISMS is set up in the following order: establishment, implementation, operation, maintenance.
Reference: ISO/IEC 27000:2022, clause 3.24; ISO/IEC 27001:2022, clause 4.