Security Audit

It’s not so much a written paper as an answer-the-questions type of task.

Introduction

An information security management system (ISMS) represents a systematic approach to designing, implementing, maintaining, and auditing an organization’s information system security objectives. As with any process, if an ISMS is not continually monitored, its effectiveness will tend to deteriorate. Most organizations perform important information security activities, but the majority of firms do not do so as part of an organization-wide initiative. When organizations place a strategic emphasis on a culture of securing their information assets, they increase the likelihood of maintaining control of their information assets and lower their risk of losing customers, market share, or other resources due to a breach in confidentiality, integrity, or availability of key business assets.

For this task you will be using the attached “Task 3 Healthy Body Wellness Center Risk Assessment” case study. You will be required to conduct a partial as-is audit of the Healthy Body Wellness Center organization. The idea behind using an as-is question set is to determine the current compliance levels and awareness of the organization’s security posture. The three key aspects of the question set are to determine if the organization has appropriate policies, procedures, and practices in place to adhere to ISO 27002 for the ISMS.

