This document provides a summary of an ISO standard for information security management systems. It outlines the requirements for establishing, implementing, maintaining and improving an information security management system. This includes understanding the organization's context, leadership involvement, planning security actions, supporting the system through resources and training, operating security controls, evaluating performance, and pursuing improvement. The standard is designed to help organizations manage information security risks and meet the expectations of interested parties through an effective management system.