ISM3 Released
The publication of ISM3 v1.20 (Information Security Management Maturity Model, pronounced "ISM cubed") offers many advantages for information security management systems. ISM3 can be used standalone or to enhance systems based on ITIL, ISO27001 or COBIT.
The principal approach of ISM3 is based on “Achievable Security” rather than “Absolute Security”. By achievable security, ISM3 means that the objective of information security should be to ensure the realization of business objectives. The traditional view that “Information Security is to prevent attacks” is not realistic. ISM3 achieves this by mapping an organization's business objectives (e.g. deliver products on time) directly to security objectives (e.g. ensure database access only to authorized users).
More on: http://www.ism3.com/