The purpose of this study was to investigate and analyze the assumptions and requirements for the implementation of Information Security Management System (ISMS). To check assumptions security for security management system implementation, we studied the population of patients hospitals in Tabriz. Because...