With the progress of information technology and the Internet, the concept of information security is gradually understood and valued by everyone. The information departments of countries, companies and even the military have been prepared for it .A lot of preventive measures to avoid important data leaked. However, in the process of information transmission, the peeping of interested people have never stopped and the data theft cases are often seen. There are still many hacking incidents around the world. So, how to prevent hacker threats effectively and establish information security standards are an important issue for enterprise information security departments. Under the data be threatened at all times, the Information Security Management System (ISMS) has gradually been taken seriously by the world, government agencies and the military, in order to provide step and specification that can be followed to prevent the leakage of important and sensitive information. However, in recent years, few people have discussed the introduction of Information Security Management System in National Army at Taiwan. This study aims to study the key factors to Information Security Management System in National Army at Taiwan. First of all, based on the relevant literatures, 5 facets and 17 standards are integrated as the prototype of this research framework. Then, in order to optimize this research, the Delphi Method is used to interview the experts. After that, using the method of DEMATEL-based to discuss the relationship between the key factors to Information Security Management System in National Army at Taiwan. Finally, using the method of Importance-Performance Analysis to understand the performance and importance of each facets and standards . This study finds that there are two parts that need to be improved urgently. One is a security literacy of management person. Another is a awareness of employees' information security. Both of them have to be improved.