Forrester offers new guide for information security program development
The research firm's new 123-point maturity model is intended to go beyond COBIT as a more comprehensive way to help companies find and fix gaps in their infosec programs.
The idea for the new maturity model came from a Forrester survey of security risk customers, in which an overwhelming number of respondents asked for a more comprehensive model. To that end, the Forrester model offers guidance on 25 functions or focus areas, while the COBIT model fully covers only 10 and COSO only seven.