This document provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards. This document is applicable to all types and sizes of organization (e.g. commercial enterprises, government agencies, not-for-profit organizations).
The terms and definitions provided in this document
cover commonly used terms and definitions in the ISMS family of standards;
do not cover all terms and definitions applied within the ISMS family of standards; and
do not limit the ISMS family of standards in defining new terms for use.