Skip to main content

Module E: Information Security Management System (ISMS) framework


Welcome to the Pathway Programs module on the Information Security Management System (ISMS) framework.

The ISMS framework is a management activity within the corporate governance framework which provides the strategic direction, activities and ensures objectives are achieved.

The purpose of the ISMS framework is to provide a focus for all aspects of IT security and manage all IT security activities. The term information is used as a general term here and includes data storage units, databases and metadata. The objective of the ISMS framework is to protect the interests of those who rely on the information and the systems and communications that deliver the information from harm resulting from failures of availability, confidentially and integrity.

In this module we will cover:

  • Policies and procedures
  • Risk management processes
  • Legal, physical and technical control measures.