Information Security Management Maturity Models
Nаtalia Miloslavskaya, Svetlana Tolstaya
Abstract
Several maturity models for organizations, their subsystems and processes, for example, information security (IS) incident management are known. Continuing our earlier analysis of the most common maturity models (MMs), models and approaches to assessing the maturity level (ML) of organization's IS management (ISM) maturity, namely The Bank of Russia's ISM MM, ISMS Maturity Capability Model, NIST's IS MM, Open Group's ISM MM, Gartner's Security and Risk Management ML assessment, IS Risk Management Process MM, Security Incident Management Models, and IS Monitoring MM, are selected for consideration within the framework of this research.
Topics & Concepts
Maturity (psychological)Capability Maturity ModelComputer scienceNISTService Integration Maturity ModelInformation security managementInformation securityComputer securityProcess (computing)Process managementSecurity managementIncident managementRisk managementRisk analysis (engineering)Security information and event managementBusinessCloud computing securityFinancePsychologySoftwareDevelopmental psychologyProgramming languageCloud computingOperating systemNatural language processingSoftware Engineering Techniques and PracticesInformation and Cyber SecurityBig Data and Business Intelligence