Skip to main content

Information Security Management

The Open Information Security Management Maturity Model (O-ISM3) is The Open Group framework for managing information security and was developed in conjuncture with the ISM3 Consortium. O-ISM3 aims to ensure that security processes operate at a level consistent with business requirements. O-ISM3 is technology-neutral and focuses on the common processes of information security which most organizations share. As well as complementing the TOGAF model for enterprise architecture, O-ISM3 defines operational metrics and their allowable variances. Additional resources for O-ISM3 are available on the O-ISM3 website.

 

Standard

Guides

White Papers

Webinars

 

* denotes a document that has been archived, meaning that the contents remain sound and may be useful to inform future work but there are no plans to update the document.

† denotes a document that has been retired, meaning that the contents are historical and are unlikely to inform future work.

 

Return to Security Forum