Nowadays business makes use of information technology to maintain its competitive advantage and reinforce information peripheral devices to keep up with the international business development. Since information technology is rising and flourishing, volume of IC is reducing and functions of IC are increasing, lots of technology devices continually become light and handy. This trend provides a large number of opportunities for business to research and develop now products. When the now products are made, the competitive advantage of business is also increasing. However, hackers and cybercrimes come simultaneously into existence while information technology brings much of benefits for businesses. It makes a result that business confidential data like R&D techniques and financial management systems are exposed to the serious threat. This situation can even threaten the operation as well as the company advantage of business. Therefore, constructing information security systems demands immediately attention. This thesis is focus on information security management. Via knowledge management model the thesis tries to discuss the information security management in semiconductor business. The purpose of this research is to find out that knowledge management can be applied for what kind of sectors and computer systems in a company. Moreover, the thesis also tries to find out what kind of knowledge management activities can assist semiconductor business to improve information security. Finally, the thesis discusses how management activities help business achieve successful knowledge management. Through these results of the researches IT engineers can efficiently increase the competition of company, reduce cost of R&D and raise quality of products. The document arrangement of the thesis first defies “data, information and knowledge” gradationally. Secondly, it explains the categories of knowledge including tacit knowledge, explicit knowledge, individual knowledge, organization knowledge and also explains the transformation model among different knowledge. After these explanations, the document arrangement of the thesis defies knowledge management, knowledge management activities and knowledge management procedure. Besides the research methods given above, an in-depth interview is also one of the important research methods within the thesis. According to the content of interview, the conceptive structure is made and the questionnaire is designed. MIS workers, audit management, audit staffs and management of the management sector in the P Company are invited to complete questionnaires. After statistically analyzing the primary source from responders’ completed questionnaire, the thoughts about information security management controlling in P Company are found out. The thesis also analyzes the importance of three dimensions including information security management, knowledge management activities and knowledge management functions. By this analysis, the ratio of importance of knowledge management activities and knowledge management functions show up. According to all of the research results above, the contribution of information security management in semiconductor business is drew out. The research result shows that in P company information security management and information security controlling are feasible and complementary. It can make knowledge be retrieved, categorized, saved and shared by taking advantage of knowledge management methods and interdisciplines knowledge. Moreover, the idea that knowledge management can efficiently assist the information security in semiconductor business is approved.