Implementation of Information Security Management Systems for Data Protection in Organizations: A systematic literature review

Abstract

This systematic literature review investigates the implementation of Information Security Management Systems (ISMS) as a pivotal strategy for safeguarding organizational information in the digital era. Focusing on key factors influencing ISMS implementation, its impact on data protection, and the methodologies employed, the review underscores the significance of awareness and training in fostering compliance. Emphasizing the ISO/IEC 27001 standard as a prevalent framework, the study reveals positive impacts on organizational performance, financial outcomes, corporate reputation, and branding. The findings advocate for a comprehensive and structured approach to information security, urging future research to explore diverse organizational contexts and industries for a nuanced understanding of ISMS practices and their impact on organizational agility