Which of the following standards/guidelines requires an Information Security Management System (ISMS) to be defined?

A. International Organization for Standardization (ISO) 27000 family
B. Information Technology Infrastructure Library (ITIL)
C. Payment Card Industry Data Security Standard (PCI DSS)
D. ISO/IEC 20000

An information security management system (ISMS) is a set of policies and procedures for systematically managing an organization’s sensitive data. The goal of an ISMS is to minimize risk and ensure business continuity by pro-actively limiting the impact of a security breach.
The ISO/IEC 27000-series (also known as the ‘ISMS Family of Standards’ or ‘ISO27k’ for short) comprises information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).