The UCF Information Assurance Compliance Maturity Model Index
The IACMMI™ describes a maturity model for determining your organization's capability to comply with information assurance laws, regulations, contractual obligations, and standards. The most common attributes you can assign when examining how well you establish, communicate, enforce, and maintain your controls are in the areas of:
-
Awareness – do you communicate the controls you are putting in place?
-
Policies and procedures – do you document those controls?
-
Responsibility and authority – do you assign the appropriate staff to carry out the controls?
-
Skills and expertise – do you train your staff to do their jobs?
-
Tools and automation – do you give them adequate tools, and are they using them appropriately?
- Metrics – do you measure a job well (or poorly) done?
If your organization is immature in these process attributes, it is immature at being compliant. You cannot be "compliant" and have little or no awareness campaigns about that which you are complying with. You cannot expect to be compliant if you have not assigned responsibility or authority. Or properly trained your staff. Your maturity model will give you a way to measure how well your processes are working.
In order to assist you in your compliance process, we created a webinar and a series of emails documenting the IACMMI. Both are free.
- View the webinar.
- Sign up for the free email series