eGovernment Maturity Models (eGMMs) are widely used in the implementation and development of eGovernment systems. Motivated in part by legislation, scholarship has contributed significantly to its development with specific organizational agendas or to address narrowly defined areas. However, despite its pervasiveness, there lacks an approach that adequately addresses and integrates security into eGMMs at the various stages. Based on an extensive review of eGMMs, this research seeks to address a void in the available body of knowledge on eGMMs and proposes a model that integrates security into eGMMs at the various stages with an eGovernment System Security Model (eGSSM). The eGSSM is a theoretical framework, which is multidimensional in construct and employs a risk-based approach to integrating security into eGMMs. The key component to this model is the eGovernment Maturity Trigger. This trigger assesses a government's ability to address Key Domain Areas within the eGovernment Stage Process Maturity (eGSPM) and mitigate security risk using the National Institute of Standards and Technology, Risk Management Framework (NIST RMF) in the eGovernment Security Risk Maturity (eGSRM). Define, Measure, Analyse, Improve and Control (DMAIC) principles are applied for measuring, controlling and reporting process performance, to achieve an optimal capability level that will trigger maturity and onward progression to the successive stages.