MEASURING AND ANALYZING THE REALITY OF IMPLEMENTING THE INFORMATION SECURITY MANAGEMENT SYSTEM IN ACCORDANCE WITH ISO 27001:2022- CASE STUDY AT THE VEHICLE REGISTRATION SITE IN BAGHDAD AL-HUSSEINIYAH

Abstract

The research addresses the possibility of organizations implementing an information security system in accordance with standard specification (ISO 27001:2022). The standard is important in enhanc-ing the reputation of organizations and generating competition to ob-tain accreditation from granting bodies. The research aims to Assess the actual reality of information security management system requirements by (ISO 27001:2022), In addition to diagnosing the size of gap in General Traffic Directorate- vehicle registration site in Bagh-dad al-husseiniyah. The research reveals weaknesses in the application of the information security management system and identifies aspects of documentation in a way that contributes to the possibility of developing an improvement plan. The research relied on a case study through carefully collecting data by the author based on a checklist designed based on the requirements of (ISO 27001:2022), in addition to conducting personal interviews with several administrative leaders in the General Traffic Directorate- vehicle registration site in Baghdad al-husseiniyah. The research problem included weak implementation of the information security management system and failure to meet the requirements of (ISO 27001:2022) which negatively affected the work of the information security system. The results of research show a total non- conformity rate of (68%).The most prominent recommendations are the need to pay attention to implementing, maintaining, and improving the information management system.