Abstract:
Information infrastructure is one of the most important assets in universities. With rapid
advancement in technology, it poses a challenge as adversaries have come up to attack information and
information systems. Most of the Information security attacks are normally targeted to organizations unaware
coupled with the fact that most of the higher educational institutions are not aware of their information security
posture. Therefore measuring the level of security of an organization would be vital in preparedness towards
information security. In this paperthe study proposes a framework for assessing university information security
maturity status. The said framework will take into consideration ISO 27001 by involving specific clauses
relevant to universities. The cumulative factors contributed from risk domains can then be used for computation
of information maturity.
