Security management shall be implemented in a planned and systematic way in the form of a management system that includes planning, establishing, implementing and improving preventive security work.

Security management is about systematic activities that are necessary to achieve and maintain a reasonable level of security for the enterprise's values. What is considered to be sound security will depend on the company's fair value and the acceptance criteria associated with it, combined with the relevant risk assessment.

Since sound security will change over time, on the basis of a change in the overall risk, security management must also adhere to the principle of continuous improvement of the security work in the business.

NSM produces a number of publications, that are available in the Norwegian version of this site.