The purpose of this chapter is to present an integrated framework that addresses the need for organizational information security requirements as well as alignment between business, IT and information security strategies. This is achieved via the integrated use of control objectives for Information Technology (COBIT) and balanced scorecard (BSC) frameworks, in conjunction with Systems Security Engineering Capability Maturity Model (SSE-CMM) as a tool for performance measurement and evaluation, in order to ensure the adoption of a continuous improvement approach for successful sustainability. This integrated framework has been presented at the IEEE Symposium on Security & Privacy (2009) and the International Conference on Business/IT Alignment (2009). The goal is to investigate the strengths, implementation techniques, and potential benefits of such an integrated approach. The integrated use of COBIT, BSC, and SSE-CMM can provide a more comprehensive mechanism for strategic information security management–one that is fully aligned with business, IT, and information security strategies.