IP3 2025 – Information Security (Lot 16391)

This lot is generally related to a technique for measuring information-security-controlling status by collecting compliance data across domains to help assess and monitor the organization’s security posture effectively, help identify weak areas and prioritize corrective actions, enable data-driven security assessment across organizational domains, and facilitate improvement of information security status. Disclosed is a technique for measuring the information-security-controlling status of a parent organization by collecting actual inspection data across its domains. The system computes security scores for each domain based on control item significance, compliance levels, and manager-defined weightings. Also disclosed are techniques to calculate a final score for the organization using weighted averages of compliance across significance grades to enable comprehensive evaluation and reporting of overall security. The technology may be implemented in enterprise information security management systems, multinational organization risk evaluation systems, third-party security assessment systems, etc.