【Purpose/significance】With the continuous improvement of informatization, information security has become one of the most important concerns of enterprises, and the construction of enterprise information security management system has become very important.【Method/process】By analyzing the development status and influencing factors of enterprise information security management system, combining with the current business model of enterprises, the information security management system combined with the overall business system of enterprises is constructed, and the key countermeasures to ensure the best operation of the security system are put forward.【Result/conclusion】This achievement has guiding significance for enterprises to establish information security management system that meets both the requirements of international standards and the needs of enterprises’ development.