Isfam: the Information Security Focus Area Maturity Model
نویسندگان
چکیده
Information security is mainly a topic that is considered to be information technology related. However, to successfully implement information security, an organization’s information security program should reflect the business strategy. Nowadays information security is in many companies enforced by the information technology department, based on what they think should be in place to protect their business from inside and outside threats and risks. Additionally, information security covers many different subjects. This makes it especially hard for small and medium sized organizations to determine how they should design their information security program. Therefore, we present the Information Security Focus Area Maturity Model (ISFAM). By identifying dependencies between various aspects of information security and representing them coherently in the ISFAM, the model is capable of determining the current information security maturity level. Involving the ISFAM model in the design process of an organization’s information security program enables organizations to set up high level guidelines based on their current status. These guidelines can be used to incrementally and structurally improve information security maturity within the organization. We have successfully evaluated the ISFAM assessment model through a single case study at a medium sized telecommunications organization.
منابع مشابه
Identifying the Challenges of the Blockchain Technology Maturity Model in Health-Oriented Organizations
Introduction: Blockchain is a widely used technology in the health area; however, it also comes with challenges. By identifying these challenges, the road to blockchain maturity can be made smoother in this field. This study aimed to identify the challenges of the blockchain technology maturity model in health-oriented organizations. Method: In this phenomenological qualitative study, experts i...
متن کاملIdentifying the Challenges of the Blockchain Technology Maturity Model in Health-Oriented Organizations
Introduction: Blockchain is a widely used technology in the health area; however, it also comes with challenges. By identifying these challenges, the road to blockchain maturity can be made smoother in this field. This study aimed to identify the challenges of the blockchain technology maturity model in health-oriented organizations. Method: In this phenomenological qualitative study, experts i...
متن کاملTowards maturity of information security maturity criteria: six lessons learned from software maturity criteria
Traditionally , information security management standards listing generic means of protection have received a lot of attention in the field of information security management. In the background a few information security management-oriente d maturity criteria have been laid down. These criteria can be regarded as the latest promising innovations on the information security checklist standard fa...
متن کاملAn Instrument for the Development of the Enterprise Architecture Practice
In this paper we introduce an architecture maturity model for the domain of enterprise architecture. The model differs from other existing models in that it departs from the standard 5-level approach. It distinguishes 18 factors, called key areas, which are relevant to developing an architectural practice. Each key area has its own maturity development path that is balanced against the maturity...
متن کاملA Focus Area Maturity Model for a Statewide Master Person Index
OBJECTIVE The sharing of personally identifiable information across organizational boundaries to facilitate patient identification in Utah presents significant policy challenges. Our objective was to create a focus area maturity model to describe and evaluate our progress in developing a policy framework to support a statewide master person index (sMPI) for healthcare and public health operatio...
متن کامل