A Maturity Model for Information Security Management in Small and Medium-Sized Moroccan Enterprises: An Empirical Investigation
Main Article Content
Abstract
Today, security concerns are at the heart of information systems, both at technological and organizational levels. So, Information Security has become an essential support for the business strategy of organization. Therefore, many studies on information security have been carried out. Some refer specifically to maturity models of information security management (ISM). Starting from an analysis of existing literature, Matrane and al. have developed a new maturity model for information security management. In this paper, we aim to validate this maturity model, which leads to determine the level of maturity in security information management. This model will be validated by two approaches. The first is a pilot test of the new maturity model of (ISM) in a Moroccan medium-sized enterprise (SMEs), in order to demonstrate its capacity of assessing the maturity of ISM and whether it can develop an improvement roadmap. The second is an empirical investigation in Moroccan SMEs by using a survey to depict whether it can evaluate the maturity of (ISM) in different industries.
Â
Keywords: Maturity Models, Information Security, Management, Roadmap, Pilot test, empirical investigation.
Downloads
Article Details
COPYRIGHT
Submission of a manuscript implies: that the work described has not been published before, that it is not under consideration for publication elsewhere; that if and when the manuscript is accepted for publication, the authors agree to automatic transfer of the copyright to the publisher.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work
- The journal allows the author(s) to retain publishing rights without restrictions.
- The journal allows the author(s) to hold the copyright without restrictions.