Information Security Maturity Model

To ensure security, it is important to build-in security in both the planning and the design phases andadapt a security architecture which makes sure that regular and security related tasks, are deployedcorrectly. Security requirements must be linked to the business goals. We identified four domains thataffect security at an organization namely, organization governance, organizational culture, thearchitecture of the systems, and service management. In order to identify and explore the strength andweaknesses of particular organization’s security, a wide range model has been developed. This model isproposed as an information security maturity model (ISMM) and it is intended as a tool to evaluate theability of organizations to meet the objectives of security.