What type of system ensures a coherent Information Security organisation?

A. Federal Information Security Management Act (FISMA)
B. Information Technology Service Management System (ITSM)
C. Information Security Management System (ISMS)
D. Information Exchange Data System (IEDS)

Answer: C

Explanation:

An Information Security Management System (ISMS) is a systematic approach to managing the security of information assets within an organization. It includes the policies, processes, and controls that address the risks and opportunities related to information security. An ISMS is based on the Plan-Do-Check-Act (PDCA) cycle, which consists of four phases: establishment, implementation, operation, and maintenance. Therefore, an ISMS is set up in the following order: establishment, implementation, operation, maintenance.

Reference: ISO/IEC 27000:2022, clause 3.24; ISO/IEC 27001:2022, clause 4.
