ANALYSIS OF INFORMATION SECURITY MANAGEMENT SYSTEM FRAMEWORKS

ISMS is a set of policies, activities, and procedures implemented by the Information Security Department to maintain the confidentiality, integrity, and availability of information from threats and risks. Activities and procedures include identifying security needs, strategies required for implementation, and measuring results for security improvement. This paper aims to review the previous literature to verify the factors that affect information security management. Examination of current information security frameworks and standards, and this paper concluded that, for an organization to adopt a specific framework, this framework must be evaluated based on the security needs of the organization. The framework must include all factors that affect information security from all organizational aspects, people, and technology. Otherwise, the organization will face difficulties and obstacles in implementing the framework and improving security.