Evandro Alencar Rigon,  Carla Merkle Westphall. 

Business processes are supported by information technologies,although many processes and information systems were not designed to besecure. The lack of a security evaluation method might expose organizationsto several risky situations. This work presents an information security maturitymanagement process which uses a measurement method and a set of controlswhich treats information security on a comprehensive way. The resultsindicate that the method is efficient for evaluating the current state ofinformation security, to support information security management, risksidentification and business and internal control processes.

http://www.lbd.dcc.ufmg.br/colecoes/sbsi/2011/modelodeavalicao.pdf

Processando consulta.