Skip to Main Content
Managing information security within an organization is becoming a very complex task. The information security posture assessment is performed by using frameworks, methodologies or standards considering the subject separately. The model proposed within the paper aims to holistically consider all the security dimension. This is because the security level is as strong as the weakest link is. In order to minimize the likelihood that a given threat takes advantage of the weakest link a formalized structure taking into account all security elements is needed. The proposed model is based on and integrates some security best practices and standards in order to define an assured Information Security Categorization. From this point, an assessment process should be performed, giving the evidence that the information security within a given organization, is thoroughly managed.