ISO is an independent non-governmental international organization composed of representatives from various national standards organizations.


Information Security Management System (ISMS) is a framework for keeping an organization’s information safe. It contains a set of policies, procedures and controls to protect the confidentiality, availability and intergrity of information.

ISMS also control to treat common risks related to people, resources, assets, and processes through risk assessment.

ISMS Major Areas under Security Domains

  1. Information Security Policies
  2. Organization of Information Security
  3. Human Resource Security
  4. Asset Management
  5. Access Control
  6. Cryptography
  7. Physical and Environmental Security
  8. Operations Security
  9. Communications Security
  10. System Acquisition, development and maintenance
  11. Supplier Relationships
  12. Information Security Incident Management
  13. Information Security Aspects of Business Continuity Management
  14. Compliance