Information security management (2): guidelines to the management of information technology security (GMITS)

Information security has become very important in most organizations. To introduce, manage and maintain a high level of information security in an organization calls for a proper management methodology. International Standards Organisation/International Electrotechnical Commission has drafted a multi‐part technical report to provide guidelines to organizations to effectively manage the process of IT security. This paper provides a brief description of the first three parts of this technical report.