Information security is a complex discipline, and CISOs are responsible for compiling a vast array of controls and standards to plot a roadmap for improvements. However, CISOs can’t determine a path forward without first measuring their current information security program maturity. This report guides security and risk (S&R) pros through Forrester’s information security self-assessment so you can quickly determine where your firm is on its journey and discover which core competencies you need to strengthen or develop.