Assessment methodology on maturity level of ISMS

This paper suggests the evaluation methodology for ISMS (information security management systems) considering technical, managerial, and operational aspects of information security. This methodology includes the evaluation indices, process, and maturity model. We also provide the case study to prove its practical values. This methodology could be used effectively to analyze and evaluate the ISMS of various enterprises.