# Information Security Management System

This document can be used by internal and external parties to assess how we meet the information security requirements.

It is important that the information security management system is part of and integrated with our processes and overall management structure and that information security is considered in the design of processes, information systems, and controls. An information security management system implementation will be scaled in accordance with the changing needs of our organization.

<table data-full-width="false"><thead><tr><th>POLICIES</th><th width="249.33333333333331">STANDARDS</th><th>PROCESSES</th></tr></thead><tbody><tr><td><strong>INFORMATION SECURITY POLICY (1)</strong></td><td><strong>LINUX HARDENING STANDARD (2.1)</strong></td><td>Incident Management Processes (3.1)</td></tr><tr><td>Information Management Policy</td><td><strong>INFORMATION SECURITY GOVERNANCE STANDARD (1.1)</strong></td><td>Access Provisioning Process (4.1)</td></tr><tr><td><strong>Access Control Policy (4)</strong></td><td><strong>Incident Management Standard (3)</strong></td><td>Access Review Process (4.2)</td></tr><tr><td>Change Management policy</td><td>Risk Management Standard</td><td>On-boarding And Off-boarding Process (4.3)</td></tr><tr><td>Encryption Policy</td><td>Secure Development Management Standard</td><td>Vulnarability Management Process (5.1)</td></tr><tr><td><strong>Server Security Policy (2)</strong></td><td>Physical Security Standard</td><td>Threat Hunting Process (1.1.1)</td></tr><tr><td>Patch Management Policy</td><td>Penetration Testing Standard (5)</td><td></td></tr><tr><td></td><td>Information Asset Management Standard</td><td></td></tr><tr><td></td><td>Information Security Requirements Standard</td><td></td></tr><tr><td></td><td>Disaster Recovery Plan Standard</td><td></td></tr><tr><td></td><td>Back-up and Recovery Standard</td><td></td></tr><tr><td></td><td>Management System Improvement Standard</td><td></td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://isms.ops24.eu/information-security-management-system.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.