The importance of introducing Information Security Management Systems for Service Providers
: - This paper presents the process of Information Security Management System (ISMS) implementation by taking all guidances from ISO 27001:2013 standard in one Service Provider in Bosnia and Herzegovina. This Service Provider provides to its customers a hosting and an e-mail service. The paper is divided in two parts. The first part describes a preparation of Statement of Applicability (SoA) document and Risk Treatment Plan (RTP) document with a collection of recommendations for the improvement of this system. The second part describes results after the implementation of previous recommendations and gives a final set of recommendations for the improvement of the entire system. This paper has a scientific value because it gives a set of new recommendations for the improvement of ISMS system by using a new ISO 27001 standard from 2013. The same analysis could be done not just in service providers or telecom operators but also in many other companies or organizations.