Eesti Infoturbestandardi (E-ITS) põhine turbe hindamise instrument / 
Estonian Information security Standard (E-ITS) based security level evaluation instrument

README

Instrument on mõeldud organisatsioonide või äriprotsesside infoturbe taseme hindamiseks.
Nõuded instrumentidele olid:
1. Hõlmab laia pilti turvalisusega seotud teemadest
2. On mõõdetav ja võrreldav.
3. On kiire ja lihtne rakendada.
4. On vastavuses turvastandardiga.
Instrument põhineb Eesti Infoturbe Standardi (E-ITS) raamistikku kasutaval küpsusmudelil. Vaata https://eits.ria.ee/.
Instrumendi dimensioonideks jagamisel on kasutatud E-ITSi moodulgruppe. E-ITS-i moodulite sees meetmed jagatud põhi- ja standardmeetmeteks - instrumendis on E-ITS-i põhimeetmed omakorda jagatud kolme astme vahel. Standard tase on otse üle võetud standardmeetmetest.
Andmebaasifail sisaldab juhendit, kuidas instrumendi kasutaja peaks väiteid hindama.
Instrument loodi disaini uurimise metoodikat järgides, mis põhjustas mitmeid iteratsioone ja versioone.

Kontakt: Mari Seeba mari.seeba@ut.ee

---

The tool is designed to evaluate the information security level of organizations or business processes.
Requirements for the tool are:
1.	It should cover a wide area of security-related topics
2.	It should be quantifiable and comparable.   
3.	It should be quick and easy to implement. 
4.	It should be aligned with a security standard. 
The tool is based on the maturity model framework using the Estonian Information Security Standard (E-ITS) content. See https://eits.ria.ee/.
The module groups of E-ITS have been used as the dimensions of the tool. 
The maturity levels of the tool are designed based on E-ITS modules security measures, which are divided into basic and standard security measures groups. In the tool, the E-ITS basic measures are additionally divided into three levels (Initial, Defined and Basic). Standard group measures align to Standard level. 
The file contains the guideline on how to evaluate the statements coverage.
The instrument was created following the design research methodology, which caused several iterations and versions.

Contact information: Mari Seeba mari.seeba@ut.ee