Open Information Security Management Maturity Model

The Open Group Information Security Management Maturity Model (O-ISM3) is a maturity model for managing information security. It aims to ensure that security processes in any organization are implemented so as to operate at a level consistent with that organization’s business requirements. O-ISM3 defines a comprehensive but manageable number of information security processes sufficient for the needs of most organizations, with the relevant security control(s) being identified within each process as an essential subset of that process.