Title :
An ISMS (Im)-Maturity Capability Model
Author :
Woodhouse, Steven
Author_Institution :
Charles Sturt Univ., Bathurst, NSW
Abstract :
Capability maturity models have been used to assess and guide process improvement initiatives for everything from software development to systems engineering, product acquisition, team management and information security to name a few. These models are based on process improvement and provide a framework to guide and measure the implementation and improvement of processes. In all of these models, the higher the level an organisation is assessed, the better (in theory) the organisation is at defining, assessing and improving their process capability This paper proposes a unique process maturity model for assessing the capability and maturity of processes that affect Information Security Management System (ISMS) within an organisation. The model describes nine levels of process maturity, four of which are below the existing five levels defined in most popular models.
Keywords :
organisational aspects; security of data; ISMS; capability maturity models; information security management system; product acquisition; software development; systems engineering; team management; Capability; ISMS; Maturity;
Conference_Titel :
Computer and Information Technology Workshops, 2008. CIT Workshops 2008. IEEE 8th International Conference on
Conference_Location :
Sydney, QLD
Print_ISBN :
978-0-7695-3242-4
Electronic_ISBN :
978-0-7695-3239-1
DOI :
10.1109/CIT.2008.Workshops.46
