Design and Realization of Information Security Management System

To solve the problem of lacking risk mitigation part and using security standards synthetically in current information security risk management system(ISRMS),this article expatiates a method to design and implement a new ISRMS.It also brings forward a way to analyze the result of risk assessment and a method to mitigate the risk.Some algorithms for analyzing key factors in risk management are improved.This system covers the short in functions and the interoperability of data in most ISRMS and enhances its application value.