Maturity Assessment, Profile, and Plan

Learn the MAPP methodology for managing security as a business

While the information security industry has undergone convulsive change, it is coalescing around maturity-based management of key business processes. The MAPP approach provides practical implementation of the maturity model.

This paper describes a three-step maturity-centric approach—Maturity Assessment, a Profile, and a Plan (MAPP). An information security MAPP empowers the CISO to evaluate, track, report, and strategize the organization’s security priorities.


Christophe Veltsos, Ph.D., is an associate professor in the Department of Computer Information Science at Minnesota State University, Mankato, where he regularly teaches Information Security and Information Warfare classes. Beyond the classroom, Chris is also very active in the security community, engaging with community groups and advising business leaders on how to best manage information security risks. Follow Dr. Veltsos on Twitter at @DrInfoSec.


Get Your Copy of the White Paper