The purpose of this study was to establish security measures assessment criteria that link to the practices of the private sector. Research methods used to develop criteria development security measures for the private sector in this study were a document analysis and group discussion through a one-round focus group with eight security professionals. Data retrieved from documentary analysis and focus group were integratedly synthesized and analyzed to develop security measures assessment criteria. Results found five components that could be used to establish security measurement assessment criteria in a private organization, which include security-related technologies awareness, integration of architectural elements, security system, human resources management, and security practices. Delphi technique and factor analysis were recommended for the next research in order to develop the proper indictors for security measures assessment criteria for a private organization.