Information Security Management System

Definition
An Information Security Management System (ISMS) is a set of policies concerned with information security management or IT-related risks. The idioms arose primarily out of BS 7799. The governing principle behind an ISMS is that an organization should design, implement and maintain a coherent set of policies, processes and systems to manage risks to its information assets, thus ensuring acceptable levels of information security risk.