Ismail, WWIsmailNorwawi, NMNMNorwawiSaadan, KKSaadan2024-05-292024-05-292014WOS:000346752100153https://oarep.usim.edu.my/handle/123456789/11351Information Security Management System (ISMS) goal is to provide a comprehensive approach to information security in the organization where timely detection and reporting will improve preventive measures and responses to incidents that could lead to organization good name and minimize financial losses. This paper presents a study on the current awareness of university hospitals on ISMS and the role of management in the decision policy of its implementation. In the literature review explain the importance of ISMS in the industry. The focus of the study is on data protection. Based on the findings, the awareness level is still unsatisfactory and need to improve to protect customers or patients' data. It required the full commitment from the management to implement the ISMS.en-USInformation Security Management System (ISMS)Hospital UniversitiesSecurity PolicyPolicy 27001:2013Proceedings Paper902907