The Information Security Governance Diagnostic Tool can be used to assess a current information security governance (ISG) framework against the ISF’s framework for ISG. It offers a fact-based analysis of the current maturity of ISG in an enterprise.
Organisations can use the spreadsheet-based diagnostic tool to stimulate thought and debate about ISG and how it is implemented and managed in their enterprise. The diagnostic allows organisations to:
- Compare their ISG framework against the ISF’s framework for ISG
- Identify gaps or areas requiring enhancement
- Assess the maturity of their ISG against a five-model
- Initiate a programme to close any gaps between the required and actual status of ISG.