About O-ISM3

O-ISM3 is an information security management maturity standard published by The Open Group, a leader in the development of open, vendor-neutral IT standards and certifications. The O-ISM3 Standard defines security processes for managing an enterprise’s Information Security Management System (ISMS). The O-ISM3 Standard places the onus on the business to define its required business security targets in its Security Policy, and then offers a set of security management processes from which the business selects which ones to deploy in a coherent ISMS.