Due to enterprise's information system the degree of outsourcing is getting higher then higher, the main objective of this research is take observes in the information technology management of information service industry. We attempt to examine what impact in the organization, the process, the personnel and the technology to the information technology management in information service industry. This thesis research focuses on implementing ISO/IEC 27001 in information service industry the successful case experience as the object through case study. According to induction of discovered from research, we are concluding in four arguments as below: 1.Inducted ISO/IEC 27001 to urge the IT department to be different with formerly the passive function in organization role for the transformed communication bridge which linked the preceding with the following, become the important basis of information security management. 2.Inducts ISO/IEC 27001 to urge the organization to improve and to establish the IT process, displays and enable the effective information security management to fuse in the PDCA operation pattern. 3.Inducts ISO/IEC 27001 to urge the organization to have specialized and high quality of IT personnel in the information security management and simultaneously enhances the IT personnel to develop outside the information technology the function possibility. 4.Inducts ISO/IEC 27001 to urge the organization to change and to introduce the information technology promotes degree of largely the information security management process automation, and reduces the artificial work, causes the information manpower utilization to be more nimble.