Security Management Standards: A Mapping

Adjustment and cost-effectiveness are key elements of a successful Information Security Management System (ISMS). ISMS-Processes, as basic elements of every ISMS, need to be aligned to the organization and its mission. As of today, a specific ISMS process framework does not exist. ISMS processes are not in focus of current research. This article aims to fill this research gap by presenting results of a process mapping study regarding ISMS processes in the most important and widely accepted international standards for Information Security Management. Authors propose a set of ISMS processes within an ISMS process framework which should be implemented at an individually appropriate maturity level.