An Information Security Maturity Evaluation Mode

Abstract Information security is very important because it aims to protect the user from any threats and risks, thus to make the information access is safe, reliable and confidential and to ensure that the information security policy can be carried out by organizations. Yet usually, organizations fail to implement these information security policies. This paper put forward a measurement model of information security evaluation, which includes three levels to decide the maturity level of the information security of an organization. This model adopts the systematic literature (SLR) to determine the appropriate measurement instrument parameters to identify the parameter combination. This model can be determined by the organization of the maturity level in security information, which enables the organization to improve their current information security measures.