Information security management: A bibliographic review

Since 1969, when Peter Drucker forecasted the emergence of the "knowledge society", the intellectual capital of organizations has become more important in the business world; for this reason, it needs to be protected. Such a task can be accomplished through information security. This paper is a review of the topic "information security" for the period 2001-2015 and, on this basis, provides the key to designing a management model of information security factors. The bibliographic review was conducted in three stages: a) review of unstructured information, b) bibliometric analysis, and c) content analysis, organization, and synthesis. As a result, a multi-dimensional framework was obtained, where relations among knowledge management, risk management, security incidents, information systems, and networks, human resources, economic aspects, governance of information security, policies, and good practices were studied. It is concluded that there are gaps for future research.