The Open Group Information Security Management Maturity Model (O-ISM3)
"O-ISM3 - Managing Information Security"
You are here: Security Forum > O-ISM3

Welcome to the O-ISM3 Website

Today, Information Security Management System (ISMS) professionals are challenged on many fronts. Beyond keeping up with vulnerabilities, threats, controls, and audit/compliance, making ISMS “less an art and more a science” is a critical need for most organizations, so using credible metrics to evidence effective ISMS performance is a key requirement.

The Open Group O-ISM3 standard specifies processes that include all relevant security controls compatible with ISO 27000, supported by metrics which evidence ISMS performance.

PDF edition (Free): O-ISM3 on The Open Group publications catalog
Print edition: O-ISM3 at Van Haren
Kindle edition: O-ISM3 at Amazon

Review by C. Paidhrin: "As an IT Security manager, I'm driven by divergent priorities and demands. Having O-ISM3 on my Kindle, as a ready reference, helps me to maintain focus on what aligns with better practices. Every value-add service should have an associated maturity model. O-ISM3 is a respectable alternative to COBIT5, though I use COBIT5, and it aligns well with ITIL--the essential IT service delivery framework. There is no better, or more clear a maturity model for the price."

Education

 

Compatiblity

Success Cases

Articles

 

 

About ISM3:
This short About ISM3 paper summarizes the Challenges for efficient Security Management today, the ISM3 approach to those challenges, the O-ISM3 standard, Optimizing ISO/IEC27001 Using O-ISM3, Using O-ISM3 with TOGAF or with SABSA, and how to use O-ISM3 to implement the CPNI 20 Critical Security Controls for Effective Cyber Defense.

Obtain copy:

Public Mail List: ISM3 Users

Linkedin Group: O-ISM3 Group

Webinars:

  • The Open Group’s O-ISM3 Webinar Series
    Select from the list available via this link:
      D025    O-ISM3 Implementation and Case Study
      D023    O-ISM3 Implementation and Case Study
      D022    Deep Dive on O-ISM3 – Tactical-Specific Processes Overview
      D021    Deep Dive on O-ISM3 – Process Model, Generic & Strategic Processes
      D019    Deep Dive on O-ISM3 – Business Context and Security Concepts
      D017    An Introduction to O-ISM3
  • IS027001.ES (Spanish)

Use Cases:

Articles:

Twitter: Vaceituno

Video: Youtube Channel

Queries/Feedback/Get Involved? - email ogsecurity-interest@opengroup.org.

 

 

Recent News  
(No Recent News available)
Forthcoming/Recent Events  
Previous MonthDecember 2017
 
Next Month
SunMonTueWedThuFriSat
     
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
      
Timezone: EST - America/New_York

Design Document  
24-Jan-14 (latest change) 1 Documents
  Show/Hide
03-May-12 About ISM3 pdf  
 more
Contacts

Email us at ogsecurity-interest@opengroup.org

 

If you experience any problems with broken links, or incorrect or unexpected functionality, click here to request help.
   |   Legal Notices & Terms of Use   |   Privacy Statement   |   Top of Page   Return to Top of Page
  PHPlato: 2.0 (635) [p]