This publication is a thesis research Submitted in partial fulfillment of the requirements for the Degree of Master of Science in Information Technology at Strathmore University. The topic is addressing the challenges related to justification of system security investment when the perception of cost benefit of the security project differs respectively from one stakeholder (top management, IT/security manager, end-users, etc.) to another. Further, Cost-Benefit Analysis (CBA) is very difficult to perform with exactitude because of the intangibility of security mechanism cost and benefits therefore it is worth to fully depend on it for investment decision making. The Role of Cost-Benefit Analysis (CBA) of Information Security Measures for Investment Justification is seeking to draw line around CBA’s limitation. It develops a framework of decision making of information security investment based on the CBA.