The purpose of this paper is to provide several considerations to be taken into account when institutionalizing the information security(Infosec) pre-assessment. Infosec pre-assessment is a necessary process to embed the security requirements into the information systems at the early stages in their development, resulting in more cost-effective infosec. In order to provide some institutional issues, domestic infosec assessment schemes and U.S. Infosec certification and accreditation schemes are reviewed. Also, the current status of infosec implementation in the public information systems projects is analyzed. Based on the analyses, the seven suggestions are proposed in developing and performing the infosec pre-assessment scheme.