{"id":9091,"date":"2024-10-02T12:30:01","date_gmt":"2024-10-02T11:30:01","guid":{"rendered":"https:\/\/amtivo.com\/us\/?post_type=resources-filter&#038;p=9091"},"modified":"2026-01-20T19:52:36","modified_gmt":"2026-01-20T19:52:36","slug":"what-is-an-information-security-management-system-isms","status":"publish","type":"resources-filter","link":"https:\/\/amtivo.com\/us\/resources\/insights\/what-is-an-information-security-management-system-isms\/","title":{"rendered":"What Is an Information Security Management System (ISMS)?"},"content":{"rendered":"<p><span style=\"font-weight: 400;\"><span class=\"ui-provider a b c d e f g h i j k l m n o p q r s t u v w x y z ab ac ae af ag ah ai aj ak\"><strong>Information security should be a top priority for any organization, irrespective of the size of your business or the industry in which you operate.<\/strong> <br \/>\r\n<br \/>\r\n<\/span><span data-teams=\"true\"><span class=\"ui-provider a b c d e f g h i j k l m n o p q r s t u v w x y z ab ac ae af ag ah ai aj ak\">From corporate assets to identifiable customer and employee data, neglecting to safeguard data effectively could result in expensive legal and reputational issues.<\/span><\/span><br \/>\r\n<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">In 2023, the FBI\u2019s Internet Crime Center reported receiving a record number of complaints about cyber crime from the public\u2014<\/span><a href=\"https:\/\/www.ic3.gov\/AnnualReport\/Reports\/2023_IC3Report.pdf\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">880,418 complaints were registered, with potential losses exceeding $12.5 billion<\/span><\/a><span style=\"font-weight: 400;\">. A robust security system is, therefore, essential to protecting valuable, sensitive information and data.<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">Organizations can quickly prepare for and handle cyber attacks and data breaches, using a risk-based approach to identify potential security issues and plan accordingly.<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">An Information Security Management System (ISMS) can provide a framework for this for your business, along with cost savings, improved stakeholder confidence, regulatory compliance and protected business continuity.<\/span><\/p>\r\n<h2><b><br \/>\r\nWhat is an Information Security Management System (ISMS)?<\/b><\/h2>\r\n<p><span style=\"font-weight: 400;\">An <\/span><b>Information Security Management System (ISMS)<\/b><span style=\"font-weight: 400;\"> is a systematic approach to securing an organization\u2019s sensitive information.<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">Data security helps organizations guard against information security breaches. From storage to transfer, an ISMS can secure every step of the information process. This involves implementing strategies, processes, utilities and additional safeguards for pinpointing potential risks, reducing data threats and preserving business continuity and operations.<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">An ISMS can help to tackle every dimension of data security including personnel, processes and IT infrastructures.<\/span><\/p>\r\n<p><a href=\"https:\/\/amtivo.com\/us\/iso-certification\/iso-27001\/\"><img decoding=\"async\" src=\"https:\/\/amtivo.com\/us\/wp-content\/uploads\/sites\/18\/2024\/10\/Build-an-effective-Information-Security-Management-System-with-ISO-27001.png\" alt=\"What-is-an-ISMS-27001\" \/><\/a><\/p>\r\n<h2><b><br \/>\r\nWhat are the main aims of Information Security?<\/b><\/h2>\r\n<p><span style=\"font-weight: 400;\">The three main aims of information security, often referred to as the <\/span><b>CIA triad<\/b><span style=\"font-weight: 400;\">, are:<\/span><\/p>\r\n<ul>\r\n\t<li style=\"font-weight: 400;\"><b>Confidentiality<\/b><span style=\"font-weight: 400;\">\u2014Information is prevented from being disclosed without authorization, ensuring that sensitive internal and customer data remains private.<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><b>Integrity<\/b><span style=\"font-weight: 400;\">\u2014Ensuring that information and processing methods are accurate, protecting data from any alterations that could negatively impact its reliability or use.<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><b>Availability<\/b><span style=\"font-weight: 400;\">\u2014Ensures protected information is accessible to authorized individuals when required, maintaining smooth daily business operations.<\/span><\/li>\r\n<\/ul>\r\n<p><span style=\"font-weight: 400;\"><br \/>\r\nThese factors are key for any organization. They preserve customer trust and loyalty while helping businesses avoid risks that could result in legal or reputational damage.<\/span><\/p>\r\n<h2><b><br \/>\r\nWhat are the main elements of an ISMS?<\/b><\/h2>\r\n<p><span style=\"font-weight: 400;\">Several core components create an Information Security Management System, and each plays an essential role in managing information security risks.<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">The <\/span><a href=\"https:\/\/amtivo.com\/us\/iso-certification\/iso-27001\/\" rel=\"noopener\"><span style=\"font-weight: 400;\">ISO 27001 standard<\/span><\/a><span style=\"font-weight: 400;\"> lays out these components in a detailed framework.<\/span><\/p>\r\n<h3><b>Risk Assessments<\/b><\/h3>\r\n<p><span style=\"font-weight: 400;\">ISO 27001 follows a risk-based approach. This is fundamental to the standard and involves identifying, assessing, and systematically managing potential risks. The approach is used throughout the entire data process to identify:<\/span><\/p>\r\n<ul>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Individual assets that could be at risk, such as data, people, hardware, software and processes<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">What the risks are<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">The likelihood of them occurring<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">The potential impacts and consequences<\/span><\/li>\r\n<\/ul>\r\n<p><span style=\"font-weight: 400;\"><br \/>\r\nThese insights inform which security procedures and controls are implemented to manage the risks. ISO 27001 provides a detailed risk assessment procedure, to help establish a systematic, repeatable process that can be reused for future recertifications.<\/span><\/p>\r\n<h3><b>Continual Improvement<\/b><\/h3>\r\n<p><span style=\"font-weight: 400;\">ISO 27001 mandates continual management and improvement of an ISMS to ensure it remains effective and relevant as the organization evolves.<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">Policies, procedures and risk assessments must all be reviewed and updated as part of the continual improvement tenet. To drive continual improvements in your ISMS, an organization needs to consistently monitor, measure, analyze and evaluate each step and its output.<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">ISO 27001 emphasizes the need for a Plan-Do-Check-Act cycle as the foundation for a systematic approach to continual improvement.<\/span><\/p>\r\n<h3><b>Documented Policies and Procedures<\/b><\/h3>\r\n<p><span style=\"font-weight: 400;\">For long-term success, an ISMS needs well-defined policies and procedures that are understood by all. These documents need to outline areas of concern and action in information security, including:<\/span><\/p>\r\n<ul>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Access control<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Incident management<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Data backup<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Protocol in the event of a cyber attack<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Roles and responsibilities<\/span><\/li>\r\n<\/ul>\r\n<p><span style=\"font-weight: 400;\"><br \/>\r\nUnder ISO 27001 specifications, these policies and procedures need to be clearly documented and available to all relevant employees.<\/span><\/p>\r\n<h3><b>Other Elements<\/b><\/h3>\r\n<p><span style=\"font-weight: 400;\">Other core elements for a successful and effective ISMS include employee awareness training, incident management procedures and business continuity plans. Without these, your organization may lack comprehensive data protection and may not achieve ISO 27001 certification.<\/span><\/p>\r\n<h2><b><br \/>\r\nBenefits of an Information Security Management System<\/b><\/h2>\r\n<p><span style=\"font-weight: 400;\">Organizations can enjoy a number of benefits from having a structured approach to information security with an Information Security Management System. They include:<\/span><\/p>\r\n<ul>\r\n\t<li style=\"font-weight: 400;\"><b>Protection of private data<\/b><span style=\"font-weight: 400;\">\u2014An ISMS helps to secure sensitive data (intellectual property, personal data or proprietary corporate information) from unauthorized access and cyber threats. It helps to maintain the integrity, availability and confidentiality of information while mitigating the risks to business operations.<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><b>Regulatory compliance<\/b><span style=\"font-weight: 400;\">\u2014By incorporating legal, physical and technical controls to secure sensitive information, an ISMS supports adherence to laws and regulations like ISO 27001 plus those set out by the <\/span><a href=\"https:\/\/www.ftc.gov\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Federal Trade Commission (FTC)<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><b>Cost efficiency<\/b><span style=\"font-weight: 400;\">\u2014An ISMS identifies and mitigates risks proactively, preventing costly data breaches and lawsuits, making it a financially prudent measure in the long run. However, an initial investment will most likely be needed to get your ISMS implemented and operational.<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><b>Enhancing customer trust<\/b><span style=\"font-weight: 400;\">\u2014By demonstrating strong security measures, an ISMS demonstrates an organization\u2019s commitment to data protection, strengthening customer and stakeholder confidence.<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><b>Business continuity<\/b><span style=\"font-weight: 400;\">\u2014An ISMS prepares an organization to handle disruptions and supports smooth, uninterrupted business operations in the face of an incident, providing a competitive advantage with excellent customer service.<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><b>Improved reputation<\/b><span style=\"font-weight: 400;\">\u2014By implementing a robust ISMS through an ISO 27001 certification, organizations demonstrate their commitment to internationally recognized standards, enhancing their reputation and credibility.<\/span><\/li>\r\n<\/ul>\r\n<p><a href=\"https:\/\/amtivo.com\/us\/iso-training-courses\/iso-27001-training-courses\/iso-27001-free-online-training-course\/\"><img decoding=\"async\" src=\"https:\/\/amtivo.com\/us\/wp-content\/uploads\/sites\/18\/2024\/09\/What-is-an-ISMS-27001-Training.png\" alt=\"What-is-an-ISMS-27001-Training\" \/><\/a><\/p>\r\n<h2><b><br \/>\r\nHow are ISO 27001 and ISMS related?<\/b><\/h2>\r\n<p><span style=\"font-weight: 400;\">ISO 27001 is the international standard for Information Security Management Systems (ISMS) set by the <\/span><a href=\"https:\/\/www.iso.org\/home.html\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">International Organization for Standardization<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">This standard can provide valuable guidelines to organizations of any size looking to enhance their information security. It details the requirements needed for businesses to manage information assets and data securely.<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">The process used is essential for setting up an ISMS in accordance with ISO 27001 requirements, with every stage below accounted for:<\/span><\/p>\r\n<ul>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Establishing<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Implementing<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Operating<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Monitoring<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Maintaining<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Improving<\/span><\/li>\r\n<\/ul>\r\n<p><span style=\"font-weight: 400;\"><br \/>\r\nInformation security is a high-priority topic for both the public and corporations, so ISO 27001 insists that an ISMS follows a risk management approach. This gives organizations more granular control over and mitigates all potential information security risks.<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">It also increases stakeholder and client trust, as the organization demonstrates a proactive approach to information security\u2014being ISO 27001 certified is proof that an organization meets rigorous international standards.<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">Considering how extensive and thorough the certification process is, it\u2019s also proof that an organization has taken all necessary steps for robust information protection against unauthorized access and has security threat and breach mitigation procedures in place.<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">Without a robust ISMS, your organization won\u2019t be able to become ISO 27001 certified, and without the guidance of ISO 27001, you may find it difficult to implement an effective ISMS.<\/span><\/p>\r\n<h2><b><br \/>\r\nHow your Organization can become ISO 27001 Certified<\/b><\/h2>\r\n<p><span style=\"font-weight: 400;\">Before your organization can enjoy the numerous benefits of being ISO 27001 certified and boosting its information security, there are a number of steps that need to be taken:<\/span><\/p>\r\n<ol>\r\n\t<li style=\"font-weight: 400;\"><b>Understand the standard requirements<\/b><span style=\"font-weight: 400;\">\u2014It is essential to familiarise yourself with ISO 27001\u2019s requirements fully and what commitment you will need to make to meet them.<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><b>Gather all the required documentation<\/b><span style=\"font-weight: 400;\">\u2014To demonstrate your ISMS\u2019s performance in accordance with standard regulations, you will need a comprehensive folio of documents. These should include the ISMS\u2019s scope, Statement of Applicability, risk assessment procedures, risk treatment plan, and policies and procedures for managing information security.<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><b>Action the ISMS<\/b><span style=\"font-weight: 400;\">\u2014Implement the policies, procedures and controls outlined in your documentation. This includes setting up the necessary IT systems, conducting risk assessments and implementing the identified controls.<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><b>Train your staff<\/b><span style=\"font-weight: 400;\">\u2014Your staff are on the front line of information security as they complete tasks. Ensuring that all relevant staff are well trained in the policies and procedures and aware of ISO 27001 requirements ensures regulation compliance.<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><b>Undergo pre-auditing<\/b><span style=\"font-weight: 400;\">\u2014Conducting pre-audits before the final certification audit can be a beneficial step. These are sometimes known as internal audits, and they help you identify any weaknesses or gaps in your ISMS that may impact your certification and fix them.<\/span><\/li>\r\n\t<li style=\"font-weight: 400;\"><b>Undertake the certification audit<\/b><span style=\"font-weight: 400;\">\u2014Applying and undertaking the certification audit is the final step, to be taken only once you are confident your ISMS complies with ISO 27001 regulations. These are conducted by independent certification bodies, who will award your organization with the certification once they determine your ISMS meets all necessary requirements.<\/span><\/li>\r\n<\/ol>\r\n<p><span style=\"font-weight: 400;\">ISO certifications are not one-time awards. They require ongoing auditing to prove your commitment to improving information security and providing quality service. The initial ISO 27001 certification is valid for three years and requires recertification every three years to ensure compliance, along with annual surveillance audits.<\/span><\/p>\r\n<h2><b><br \/>\r\nHow Amtivo (formerly Orion Registrar and American Systems Registrar) can help<\/b><\/h2>\r\n<p><span style=\"font-weight: 400;\">If you\u2019re ready to enhance your organization\u2019s information security and implement an ISO 27001-compliant ISMS, Amtivo can help.<\/span><\/p>\r\n<p><span style=\"font-weight: 400;\">As an <\/span><a href=\"https:\/\/amtivo.com\/us\/accreditations\/\" rel=\"noopener\"><span style=\"font-weight: 400;\">ANAB-accredited certification body<\/span><\/a><span style=\"font-weight: 400;\">, we\u2019re authorized to perform <\/span><a href=\"https:\/\/amtivo.com\/us\/certification-services\/\" rel=\"noopener\"><span style=\"font-weight: 400;\">certification audits for several management system standards<\/span><\/a><span style=\"font-weight: 400;\">. Our team of expert auditors provides comprehensive certification services for ISO 27001 and training in implementing and auditing an ISMS.<\/span><\/p>\r\n<p><strong><a href=\"https:\/\/amtivo.com\/us\/certification-quote\/\" rel=\"noopener\">Get a quote<\/a><\/strong><span style=\"font-weight: 400;\"> today, or <\/span><strong><a href=\"https:\/\/amtivo.com\/us\/contact-us\/\" rel=\"noopener\">contact our team<\/a><\/strong><span style=\"font-weight: 400;\"> to discuss your needs.<\/span><\/p>","protected":false},"excerpt":{"rendered":"Learn how ISO 27001 can elevate your organization\u2019s information privacy with an Information Security Management System.","protected":false},"author":24,"featured_media":9092,"template":"","resource":[23],"resource-tag":[39],"class_list":["post-9091","resources-filter","type-resources-filter","status-publish","has-post-thumbnail","hentry","resource-insights","resource-tag-iso-27001"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>What Is an Information Security Management System (ISMS)? - Amtivo<\/title>\n<meta name=\"description\" content=\"Discover how Information Security Management Systems can take your organization\u2019s information privacy to new heights with ISO 27001.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/amtivo.com\/us\/resources\/insights\/what-is-an-information-security-management-system-isms\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What Is an Information Security Management System (ISMS)?\" \/>\n<meta property=\"og:description\" content=\"Discover how Information Security Management Systems can take your organization\u2019s information privacy to new heights with ISO 27001.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/amtivo.com\/us\/resources\/insights\/what-is-an-information-security-management-system-isms\/\" \/>\n<meta property=\"og:site_name\" content=\"Amtivo US\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-20T19:52:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/amtivo.com\/us\/wp-content\/uploads\/sites\/18\/2024\/09\/What-is-an-ISMS.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"925\" \/>\n\t<meta property=\"og:image:height\" content=\"619\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/amtivo.com\/us\/wp-content\/uploads\/sites\/18\/2025\/04\/testimonialImage-placeholder.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"8 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"What Is an Information Security Management System (ISMS)? - Amtivo","description":"Discover how Information Security Management Systems can take your organization\u2019s information privacy to new heights with ISO 27001.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/amtivo.com\/us\/resources\/insights\/what-is-an-information-security-management-system-isms\/","og_locale":"en_US","og_type":"article","og_title":"What Is an Information Security Management System (ISMS)?","og_description":"Discover how Information Security Management Systems can take your organization\u2019s information privacy to new heights with ISO 27001.","og_url":"https:\/\/amtivo.com\/us\/resources\/insights\/what-is-an-information-security-management-system-isms\/","og_site_name":"Amtivo US","article_modified_time":"2026-01-20T19:52:36+00:00","og_image":[{"width":925,"height":619,"url":"https:\/\/amtivo.com\/us\/wp-content\/uploads\/sites\/18\/2024\/09\/What-is-an-ISMS.jpeg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_image":"https:\/\/amtivo.com\/us\/wp-content\/uploads\/sites\/18\/2025\/04\/testimonialImage-placeholder.jpg","twitter_misc":{"Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/amtivo.com\/us\/resources\/insights\/what-is-an-information-security-management-system-isms\/","url":"https:\/\/amtivo.com\/us\/resources\/insights\/what-is-an-information-security-management-system-isms\/","name":"What Is an Information Security Management System (ISMS)? - Amtivo","isPartOf":{"@id":"https:\/\/amtivo.com\/us\/#website"},"primaryImageOfPage":{"@id":"https:\/\/amtivo.com\/us\/resources\/insights\/what-is-an-information-security-management-system-isms\/#primaryimage"},"image":{"@id":"https:\/\/amtivo.com\/us\/resources\/insights\/what-is-an-information-security-management-system-isms\/#primaryimage"},"thumbnailUrl":"https:\/\/amtivo.com\/us\/wp-content\/uploads\/sites\/18\/2024\/09\/What-is-an-ISMS.jpeg","datePublished":"2024-10-02T11:30:01+00:00","dateModified":"2026-01-20T19:52:36+00:00","description":"Discover how Information Security Management Systems can take your organization\u2019s information privacy to new heights with ISO 27001.","breadcrumb":{"@id":"https:\/\/amtivo.com\/us\/resources\/insights\/what-is-an-information-security-management-system-isms\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/amtivo.com\/us\/resources\/insights\/what-is-an-information-security-management-system-isms\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/amtivo.com\/us\/resources\/insights\/what-is-an-information-security-management-system-isms\/#primaryimage","url":"https:\/\/amtivo.com\/us\/wp-content\/uploads\/sites\/18\/2024\/09\/What-is-an-ISMS.jpeg","contentUrl":"https:\/\/amtivo.com\/us\/wp-content\/uploads\/sites\/18\/2024\/09\/What-is-an-ISMS.jpeg","width":925,"height":619,"caption":"What is an ISMS"},{"@type":"BreadcrumbList","@id":"https:\/\/amtivo.com\/us\/resources\/insights\/what-is-an-information-security-management-system-isms\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/amtivo.com\/us\/"},{"@type":"ListItem","position":2,"name":"Resources","item":"https:\/\/amtivo.com\/us\/all-resources\/"},{"@type":"ListItem","position":3,"name":"Insights","item":"https:\/\/amtivo.com\/us\/resources\/insights\/"},{"@type":"ListItem","position":4,"name":"What Is an Information Security Management System (ISMS)?"}]},{"@type":"WebSite","@id":"https:\/\/amtivo.com\/us\/#website","url":"https:\/\/amtivo.com\/us\/","name":"Amtivo","description":"","publisher":{"@id":"https:\/\/amtivo.com\/us\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/amtivo.com\/us\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/amtivo.com\/us\/#organization","name":"Amtivo","url":"https:\/\/amtivo.com\/us\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/amtivo.com\/us\/#\/schema\/logo\/image\/","url":"https:\/\/amtivo.com\/us\/wp-content\/uploads\/sites\/18\/2025\/09\/cropped-Amtivo-US-Registered-logo-XXL_Cobalt-Logo-Stacked-copy-2.png","contentUrl":"https:\/\/amtivo.com\/us\/wp-content\/uploads\/sites\/18\/2025\/09\/cropped-Amtivo-US-Registered-logo-XXL_Cobalt-Logo-Stacked-copy-2.png","width":2557,"height":2121,"caption":"Amtivo"},"image":{"@id":"https:\/\/amtivo.com\/us\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/amtivo.com\/us\/wp-json\/wp\/v2\/resources-filter\/9091","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/amtivo.com\/us\/wp-json\/wp\/v2\/resources-filter"}],"about":[{"href":"https:\/\/amtivo.com\/us\/wp-json\/wp\/v2\/types\/resources-filter"}],"author":[{"embeddable":true,"href":"https:\/\/amtivo.com\/us\/wp-json\/wp\/v2\/users\/24"}],"version-history":[{"count":2,"href":"https:\/\/amtivo.com\/us\/wp-json\/wp\/v2\/resources-filter\/9091\/revisions"}],"predecessor-version":[{"id":13265,"href":"https:\/\/amtivo.com\/us\/wp-json\/wp\/v2\/resources-filter\/9091\/revisions\/13265"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/amtivo.com\/us\/wp-json\/wp\/v2\/media\/9092"}],"wp:attachment":[{"href":"https:\/\/amtivo.com\/us\/wp-json\/wp\/v2\/media?parent=9091"}],"wp:term":[{"taxonomy":"resource","embeddable":true,"href":"https:\/\/amtivo.com\/us\/wp-json\/wp\/v2\/resource?post=9091"},{"taxonomy":"resource-tag","embeddable":true,"href":"https:\/\/amtivo.com\/us\/wp-json\/wp\/v2\/resource-tag?post=9091"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}