The Information Security Governance Diagnostic Tool can be used to assess a current information security governance (ISG) framework against the ISF’s framework for ISG. It offers a fact-based analysis of the current maturity of ISG in an enterprise.

Organisations can use the spreadsheet-based diagnostic tool to stimulate thought and debate about ISG and how it is implemented and managed in their enterprise. The diagnostic allows organisations to:

  • Compare their ISG framework against the ISF’s framework for ISG
  • Identify gaps or areas requiring enhancement
  • Assess the maturity of their ISG against a five-model
  • Initiate a programme to close any gaps between the required and actual status of ISG.

Executive Summary

Information Security<br data-src=