The learning unit aims to provide the fundamental elements at the base of a proper integrated management of information security in an enterprise. In particular, the organizational aspects (creation of teams / units of information security and their position in the company organization), the economic and financial analysis of the investments, the implementation and management of information security projects (project management), performance measurement of the initiatives and the identification of corrective measures aimed at continuous improvement of information security management system.