COMPUTER SCIENCE
and ENGINEERING

In the process of the enterprise information security management in large enterprises, they have been produced the study requirement for information security maturity management evaluation. Here we propose an evaluating model of information security management maturity level, including information security rules, information security planning, information security organization, information security execution results as four aspects of evaluation elements, and a evaluating process with definite responsibility, well-designed rules, clear process and effective implementation, good reviews, the model has been applied in large enterprises and will improve the information security management level.

Evaluation model, Information security, Capability maturity mode