Information Security Management (ISMS)
Information security aims to protect the information and resources of an information system (of which the information system is a part) in general, from possible damage that may cause a reduction in their value.
In addition, it aims to provide reliable information, which is available to authorized users when they need it.
A more practical view of information security is as a structured system of processes, consisting of three distinct steps: prevention, detection and response:
Resource protection and data protection is not defined vaguely, but on the basis of the three (3) fundamental properties of Information Security, which are: