Open Information Security Management Maturity Model: Difference between revisions

mNo edit summary
Citation bot (talk | contribs)
Misc citation tidying. | Use this bot. Report bugs. | Suggested by Jonesey95 | Category:CS1 errors: empty unknown parameters | via #UCB_Category 67/307
Line 4:
The original motivation behind O-ISM3 development was to narrow the gap between theory and practice for information security management systems, and the trigger was the idea of linking security management and maturity models. O-ISM3 strove to keep clear of a number of pitfalls with previous approaches.<ref name="mikko">Siponen, Mikko (2002-08-24). Designing Secure Information Systems and Software: Critical evaluation of the existing approaches and a new paradigm. ''OULU 2002'', 24 August 2002. Retrieved from http://jultika.oulu.fi/files/isbn9514267907.pdf.</ref>
 
The {{cite web|url=https://www.ism3.com/node/42||title=O-ISM3}} website indicates that the project looked at [[Capability Maturity Model Integration]], [[ISO 9000]], [[COBIT]], [[ITIL]], [[ISO/IEC 27001:2013]], and other standards, and found some potential for improvement in several fields, such as linking security to business needs, using a process based approach, providing some additional details (who, what, why) for implementation, and suggesting specific metrics, while preserving compatibility with the most popular IT and security management standards.
 
== Availability ==
The Open Group provides the standard {{cite web|url=https://publications.opengroup.org/c17b||title=O-ISM3 v.20}} free of charge.
 
== References ==
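Review bot: both {{cite web}} calls in this region (the ism3.com/node/42 link and the publications.opengroup.org/c17b link) still have `||` between the url and title parameters, which passes an empty unnamed parameter to the template. The edit summary names the "CS1 errors: empty unknown parameters" category, so these two look like they should be collapsed to a single `|`, e.g. `{{cite web|url=https://publications.opengroup.org/c17b|title=O-ISM3 v.20}}`.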