Risk assessment of Information Security Management System inGovernment Organizations in Iran

Objective: The main objective of this research was to study the risks involved in information security management systems (ISMS) in large corporations. Methodology: Data was collected by a researcher made questionnaire. The reliability of this questionnaire was examined by Cronbach's alpha measured at 0.86. The validity of questionnaire was confirmed by experts in this field. This confirmation proved the face validity and content validity of the questionnaire. Pearson correlation coefficient and two variable regression analysis was used for data analysis. Findings: The findings showed that and risk reduction of ISMS has significant relation with security management system department, human resource development, security management system training, strategies and policies for information security, risk assessment of information processing security, security incident support in large organizations. Conclusions: the important role of information in today's business and the requirement for safeguarding corporate information make it necessary for every organization to undertake the task of designing ISMS that fits its information base in order to safeguard the corporate information assets.