This document provides the overview of information security management systems (ISMS). It also
provides terms and definitions commonly used in the ISMS family of standards. This document is
applicable to all types and sizes of organization (e.g. commercial enterprises, government agencies, notfor-
The terms and definitions provided in this document
— cover commonly used terms and definitions in the ISMS family of standards;
— do not cover all terms and definitions applied within the ISMS family of standards; and
— do not limit the ISMS family of standards in defining new terms for use.