
An Empirical Study of the Effect of Introducing the BS7799 Standard on Building an Information Security Culture: The Case of Company Y

An Empirical Investigation of the Relationships between Culture of Security and Information Security Standard (BS7799)

Advisor: 曾德宜

Abstract


This study examines the degree to which introducing an Information Security Management System (BS7799) at Y, a well-known company in Taiwan, affected the organization's information security culture, and the relationship between the two. The control domains of BS7799 were taken as the independent variables and the concept of an information security culture proposed by the OECD as the dependent variable. Questionnaires were distributed to 123 members of the company, and the responses were analyzed with statistical methods including factor analysis and stepwise multiple regression analysis. The results show that introducing the BS7799 standard has a significant effect on the development of an information security culture, with "security policy" being the most important influence on the overall development of that culture. Introducing the BS7799 information security management system also produced clear results in establishing information security awareness and responsibility, strengthening response and incident-handling capability, implementing security design and execution together with access control, and internalizing information ethics.

Abstract (English)


This paper studies the influence of an information security management system (BS7799) on the information security culture of an organization, and the correlation between them, in a well-known Taiwanese company referred to as 'Y'. The management sections of BS7799 were chosen as the independent variables and the concept of information security culture defined by the OECD as the dependent variable. Questionnaires were sent to 123 employees of company Y, and the collected data were analyzed with statistical methods such as factor analysis and stepwise multiple regression analysis. The results show that the introduction of the BS7799 system has a significant influence on the development of an information security culture. In particular, security policies have the most important influence on the development of the information security culture as a whole. The introduction of the information security management system (BS7799) also has a significant influence on establishing awareness of and responsibility for information security, strengthening the capability to respond to and resolve emergencies, security design and application, access control management, and the internalization of information ethics.


Cited by


徐弘昌 (2009). Assessing information security management in the telecommunications industry based on ISO 27001: the case of Type I telecommunications operators [Master's thesis, National Chiao Tung University]. Airiti Library. https://doi.org/10.6842/NCTU.2009.00229
黃建岡 (2014). The effects of certification strategy on gross domestic product and on corporate risk and quality costs, with a discussion of the nature of certification work [Doctoral dissertation, Chaoyang University of Technology]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0078-2611201410190722
