loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Rabii Anass 1 ; Assoul Saliha 2 and Roudiès Ounsa 1

Affiliations: 1 Mohammed V University in Rabat, EMI, Siweb Team, Morocco ; 2 Mohammed V University in Rabat, ENSMR, Siweb Team, Morocco

Keyword(s): Information Security, Cyber Security, Information Systems, Maturity Model, ISO 21827, SSECMM, CCSMM, MMISS-SME.

Abstract: Ever since the success of maturity models in software engineering, the creation of security maturity models began enlarging the choice pool for organizations. Yet their implementation rate has been low and their impact difficult to perceive. This security maturity model choice grew even larger in the last decade regardless of the existence of the standard security maturity model ISO 21827. Amongst governmental approaches, CCSMM is the US national security maturity model supported by a presidential policy for national preparedness. MMISS-SME is one of the only validated security maturity model created by academia between 2007 and 2018. Our research aims to study the added value and compliance of CCSMM and MMISS-SME with the ISO 21827 standard and their shared core concepts. We presented each security maturity model’s main lines and modeled their core concepts. Our study shows that the standard encompasses all security engineering concepts yet leaving room for characterization and cust omization to the organizations. However, CCSMM and MMISS-SME provide nuances in both functions and concepts seeing that they were created for specific contexts such as SMEs or the US local government and their vital organisms. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.212.87.137

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Anass, R.; Saliha, A. and Ounsa, R. (2020). A Concept & Compliance Study of Security Maturity Models with ISO 21827. In Proceedings of the 22nd International Conference on Enterprise Information Systems - Volume 2: ICEIS; ISBN 978-989-758-423-7; ISSN 2184-4992, SciTePress, pages 385-392. DOI: 10.5220/0009569703850392

@conference{iceis20,
author={Rabii Anass. and Assoul Saliha. and Roudiès Ounsa.},
title={A Concept & Compliance Study of Security Maturity Models with ISO 21827},
booktitle={Proceedings of the 22nd International Conference on Enterprise Information Systems - Volume 2: ICEIS},
year={2020},
pages={385-392},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009569703850392},
isbn={978-989-758-423-7},
issn={2184-4992},
}

TY - CONF

JO - Proceedings of the 22nd International Conference on Enterprise Information Systems - Volume 2: ICEIS
TI - A Concept & Compliance Study of Security Maturity Models with ISO 21827
SN - 978-989-758-423-7
IS - 2184-4992
AU - Anass, R.
AU - Saliha, A.
AU - Ounsa, R.
PY - 2020
SP - 385
EP - 392
DO - 10.5220/0009569703850392
PB - SciTePress