A Study on Information Security Management System Model for Small and Medium Enterprises

To address current difficulties of Small and Medium Enterprises (SMEs) that are reluctant to invest in information security due to cost, this paper intends to provide an information security management system that will allow SMEs to adopt efficient security measures. Information protection across the enterprise to organize activities such as ISO 27001 Safety Management System through long-term, sustainable security infrastructure to build, but the current information management system that protects personnel and budgets of small businesses under the circumstances when the use is difficult. Therefore, in this paper, the operating environment of small business information and analysis, and major threats, physical, human and technical threats from a variety of businesses to help strengthen the security level of information security management system was the establishment of research.