NIST offers a standard procedure for reviewing the quality of a security policy: PRISMA, which is based on the 800-53 guide. The evaluation uses 5 “maturity levels”:
- Policies
- Procedures
- Implementation
- Test
- Integration
Full details here. PRISMA can be used as a replacement for the minimalist Planning Protection Reaction scheme to evaluate the efficiency of your security policy.

