The purpose of information security is to ensure business continuity and minimize business damage by preventing and minimizing the impact of security incidents. Information security management enables information to be shared, while ensuring the protection of information and all other assets within the scope of the system.