772 Copyright © 2015, IGI Global. Copying or distributing in print or electronic forms without written permission of IGI Global is prohibited. Chapter 36 DOI: 10.4018/978-1-4666-8111-8.ch036 Integrated Security Process Improvement Framework for Systems and Services ABSTRACT Security of systems and services has been dominant research area in recent years as today’s cloud services, big data and networked systems, especially when they provide wireless application access where personal and confdential data to be transmitted across the networked systems. Numerous tools and technologies are available to ensure system’s security; however, external threats to computer systems and applications residents thereon, are also becoming more and more sophisticated and on the increase. Therefore, the key aim of this research is to integrate security engineering techniques and process with systems devel- opment life-cycle and process improvement frameworks. This paper presents a framework that consists of two components: 1) a security assessment model to looks at the existing security infrastructure of an organisation to determine its security maturity level; and 2) a security improvement maturity model to suggest an improvement mechanism for the organisation to progress from one maturity level to the next higher level. The intention is to provide a scheme to improve the organisation’s Systems and network security with the aim that it becomes more efcient and efective than before. 1. INTRODUCTION In the information society of the 21 st century, the information and communication technologies have revolutionised human lives. Wireless telephony, cloud computing, mobile clouds, electronic com- merce and online transactions are now common place and within easy reach of general public. All this has become possible through the prolifera- tion of computing technologies and use of the Systems. There is no doubt that World Wide Web, or the Systems, is the binding and enabling force behind all this. Since the use of the Systems is growing, the demand for the associated products, applications and services is also growing. As a bi-product, the concerns with respect to the security of in- formation, confidentiality of data and reliability of services are also growing. Previously, when the computing systems were used as standalone Muthu Ramachandran Leeds Metropolitan University, UK