Information security management system

controls that an organization needs to implement for protecting the confidentiality, availability, and integrity of assets from threats and vulnerabilities