An Assessment of ISMS Process Maturity based on Readiness and Awareness of team members of selected IT Organizations

Abstract

The growth of computers and of information technology has been explosive. As a result, information technology has been widely applied in every aspect of our life—from business, government, education, finance, health-care, aerospace to national defence. Computers, especially networked computers, have brought benefits to us and improved our lives. However, surveys and reports from various industry associations and security organizations suggested that only a few organizations can successfully protect their information assets. Organizations realize that information security is a complex issue, involving both human and technical factors. This paper is an attempt to empirically assess the maturity of Information Security Management System (ISMS) implementation in selected IT Service organizations in terms of confidence of their employees on their Information Security Management System.