Open Information Security Management Maturity Model (O-Ism3)

All businesses need information security to protect our systems from the risk of threats. This Open Information Security Management Maturity Model (O-ISM3) supports information security practitioners in this fundamental task by covering the key areas required to minimise these threats: Risk Management: identifying and estimating levels of exposure to the likelihood of loss and how to manage those risks of loss; Security Controls: crafting the IT Security Policy which assures operations are as secure as they need to be; Security Management: supporting the selection, maintenance, and overall Security Policy for the security controls deployed in a business enterprise. The O-ISM3 standard focuses on the common processes of information security. It is technology-neutral, very practical and considers the business aspect in depth. This means that practitioners can use O-ISM3 with a wide variety of protection techniques used in the marketplace.