A company’s information system’s security is one of its main challenges. Protecting its information and assets is one of the key success factors for a company. By underestimating the potential consequences of security mismanagement, a company exposes itself to risks to its value, its image, etc. As a critical issue for companies, security is something we seek to ensure and improve constantly.
The security maturity model developed by Devoteam measures a company’s maturity in order to define, in collaboration with security actors, a transversal action plan to optimize maturity and thereby meet security challenges.
This white paper presents the results of our research on maturity modeling applied to information system security. We consider it important to lay the foundations of a maturity model that distinguishes itself from the standard model by its more pragmatic approach.