Summary
This document is a guide detailing the Security Maturity Assessment (SMA) developed by Secura to help organizations evaluate their information security maturity. The SMA aims to provide organizations with a baseline of their current security status, identify risks, and monitor progress over time. It encompasses three key pillars of cybersecurity: people, process, and technology, and is based on international standards, allowing for comparison with other organizations. The assessment process begins with understanding the organization’s goals and complexity, followed by a customized risk inventory. The execution phase involves defining metrics for various controls according to established frameworks, leading to the assignment of maturity levels based on the Capability Maturity Model (CMM). Upon completion, a report is generated that includes a management summary of findings, identified gaps, and an overall maturity score. The SMA also offers optional services such as risk assessments and improvement plans to enhance security maturity.
