Browsing by Author "Anass Rabii"

Now showing 1 - 1 of 1
  • Thumbnail Image
    Item
    Information and cyber security maturity models: a systematic literature review
    (2020) Anass Rabii; Saliha Assoul
    Purpose – This paper aims to clarify the uncertainty reflected in the current state of information security maturity evaluation where it has not enough matured and converged so that a generic approach or many specfics approaches become the go-to choice. In fact, in the past decade, many security maturity models are still being produced and remain unproven regardless of the existence of ISO 21827. Design/methodology/approach – The authors have used the systematic literature review to summarize existing research, help identify gaps in the existing literature and provide background for positioning new research studies.Findings – The authors highlighted the prevalent influence of the ISO/IEC 27001/27002 standard but raised the necessity for an in-depth investigation of ISO 21827. The authors also made the implementation facet a central topic of our review. The authors found out that, compared to the number of proposed models, implementation experiments are lacking. This could be due to the arduous task of validation and it could also be the reason why specific models are dominant. Originality/value – While the research literature contains many experience reports and a few case studies on information security maturity evaluation, a systematic review and synthesis of this growing field of research is unavailable as far as the authors know. In fact, the authors only picked-up one bodywork