Information security technologies are an increasingly critical element of information technology for the protection of information. As information security technologies become more widespread, an important issue is how securely they are designed and implemented.
  The convenience of information systems often takes precedence over information security, and insecure information systems have caused many problems. There is now a greater interest in information security because of the law, and the development of more secure information systems as infrastructure is desired. In line with these trends, this paper is working on the information security management needs as part of their general compliance and risk management activities. It is important for such corporations to take proactive action by continuously maintaining their information security management activities on the corporate level utilizing the information security management system (ISMS) and other related standards and schemes.
  Security attacks such as unauthorized access of personal information occur daily. It is vital for every company and organization to address such security issues due to their devastating impact on the company or organization concerned. How should individual companies and organizations deal with these types of issues? How can they be handled proactively? This paper provides information security solutions based on the concept of building a basic architecture for system security.