Open Information Security Management Maturity Model: Difference between revisions

Fix
No edit summary
Line 3:
'''The Open Group Architecture Framework''' ('''O-ISM3''') is an Information Security Management Framework that provides an approach for designing, planning, implementing, and governing information security management systems.
 
The original motivation behind O-ISM3 development was to narrow the gap between theory and practice for information security management systems, and the trigger was the idea of linking security management and maturity models. O-ISM3 strove to keep clear of the pitfalls pointed out in the article “Designing Secure Information Systems and software: Critical Evaluation of the Existing Approaches and a New Paradigm,” by Mikko Siponen. The project looked at CMMI[[Capability Maturity Model Integration]], ISO9001[[ISO 9000]], [[COBIT]], [[ITIL]], ISO27001[[ISO/IEC 27001:2013]], and other standards, and found some potential for improvement in several fields, such as linking security to business needs, using a process based approach, providing some additional details (who, what, why) for implementation and suggesting specific metrics, while preserving compatibility with current IT and security management standards.
 
[[The Open Group]] provides O-ISM3 free of charge to organizationsorganisations for their own internal noncommercial purposes.
 
== External links ==
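
Review bot: The bolded name in the first sentence of the lead reads "The Open Group Architecture Framework", which does not match the article title "Open Information Security Management Maturity Model" that the abbreviation O-ISM3 stands for; the bolded term should be the article's own subject. In the last paragraph of the hunk, the spelling change between "organizations" and "organisations" comes with no edit summary, so it is worth stating which spelling variety the article follows and keeping it consistent. In the standards list, the new link [[ISO/IEC 27001:2013]] points at one specific edition where the earlier text named only ISO27001; confirm that edition is the one meant.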