  • Thesis

Development and Implementation of an Ontology-Based Information Security Document Management System: An Empirical Case Study of a Military Unit

Development and Implementation of an Information Security Management System Based on Ontology – A Case Study of a Military Unit in Taiwan

Advisor: 黃明祥

Abstract


For military units, information security is not only a matter of protecting classified data; it also bears directly on national security. Statistics show that human factors account for as much as 85% of information security incidents. The core problem is therefore how a military unit should control information security, how it can effectively formulate its information security policy, and how it can provide general guiding principles for information security management. The military's information security policy accordingly prescribes the principles that units at every level must follow in preparing their documents: an ISMS established in accordance with the CNS 27001 national standard, together with the production and management of the structured regulatory documents "information security policy", "management measures", "operating procedures" and "record forms", which set out the norms and principles that unit personnel must comply with.

Given the complex handling procedures involved in managing information security documents, this study adopts ontology as the basis for system development. Ontology originates in philosophy and plays an important role in information integration, information science, knowledge engineering and enterprise integration. A document management system is an electronic database built for a particular kind of document, or for a set of documents, together with a front-end interface for operating on it. Through digitisation, paper records that are hard to preserve and transmit are converted into an electronic database; when a user browses for information, the system retrieves it from back-end storage and can also track changes as files are added, so that existing documents are put to the fullest possible use.

Accordingly, this study develops an ontology-based information security document management system and deploys it in a computer center of a military unit. Drawing on the strengths of ontology in storing and extracting domain knowledge, the system helps computer center personnel capture information security policies, protective skills, experience and knowledge, and provides a fast and convenient channel for obtaining data at any time and place: personnel can upload, review, query, download and share knowledge documents such as information security policies, techniques and record forms. Based on the ontology, this study defines eleven categories of information security documents: information security policy formulation and evaluation; information security organization; information asset classification and control; human resource management and education and training; physical environment security; communications and operations security management; access control security; security in system development and maintenance; information security incident response and handling; business continuity management; and compliance with relevant laws and with the policies of implementing units. These categories serve as the basis for classifying information security operating documents, strengthen technical exchange among information operations personnel, and further improve the efficiency and precision with which information security policy is implemented.

To assess the effectiveness of the system in the computer center, this study distributed an importance-rating questionnaire to 17 information personnel. The statistical analysis is as follows. On system quality: (1) for information quality, the correctness of the content the system produces is the most important factor; (2) for service quality, the degree of trust in document quality is the most important factor; (3) for system quality, the operating efficiency and security of the document management system are the most important factors. On operational benefits, an ontology-based information security document management system lets operations personnel readily keep track of information security incidents, improving work quality and efficiency. On information and knowledge application, the system classifies knowledge documents according to the control items of ISO 27001 and can therefore provide information operations personnel with complete information security policy information and operating procedures. These results can be applied to information security protection operations.

Abstract (English)


For a military unit, information security is an important task, both for protecting confidential data and for safeguarding national security. According to survey results on information security, human negligence accounts for over 85% of information security incidents. How to develop an information security policy and provide general guiding principles for information security control is therefore the major issue in information security management for a military unit. In this research, an information security policy and execution principles are developed for a military unit. Furthermore, an information security document management system (ISDMS) is developed with four major sections, namely information security policy, managerial methods, operating procedures, and record sheets, in accordance with the regulations of CNS 27001. It is intended to be carried out by the soldiers and employees of the military unit as the operation specifications and execution principles for delivering the documents of information security management. To cope with the complexity of information security documents, this research develops the ISDMS on the concept of ontology. Ontology originates in the field of philosophy and is widely applied to information system integration, information science, knowledge engineering, and business integration; it thus serves as a powerful tool for structuring a management system for information security documents. An ontology-based information security document management system is a good medium for storing digital information security documents and allows users to access them. Based on the information security document management needs of a military unit, this research proposes a research model and develops an ISDMS.

The system aims to help the employees of the computer center access information security documents effectively, with functions such as uploading, downloading, and reviewing information security documents immediately. The ontology-based ISDMS contains the following main categories: information security policy, information security organization, information asset classification and control, human resource management and educational training, physical environment security, communication and operating security management, access control security, security of system development and maintenance, reaction and process to information security events, business continuity management, and conformance to relevant provisions of information security and to the information security policy of implementing units. These categories are used to classify the information security documents, with the aim of increasing technical exchange among information professionals and thereby improving the efficiency and effectiveness of information security policy implementation. To examine the application performance of the ISDMS, a questionnaire was delivered to seventeen information professionals. The major findings of the data analysis are summarized as follows. First, on the aspect of system quality, the correctness of the contents output by the system is ranked as the first priority for information quality, the degree of truthfulness of document quality is ranked first for service quality, and the operation efficiency and security of the document management system are ranked first for system application quality. Second, on the aspect of operation benefits, an ontology-based ISDMS can provide information professionals with useful information about information security events. Third, an ISDMS based on the control items of the ISO 27001 international standard can provide information professionals with comprehensive information on information security policy and standard operating procedures. The findings of this research contribute to preventing the occurrence of information security incidents.
