论文信息 - Improving Operational Resilience Processes: The CERT Resilience Management Model

Improving Operational Resilience Processes: The CERT Resilience Management Model

The CERT® Resilience Management Model (CERT®-RMM) defines processes for managing operational resilience in complex, risk-evolving environments. The model encompasses and integrates activities from security, business continuity, and aspects of IT operations management. It provides a path for making operational resilience a repeatable, predictable, manageable, and improvable process over which an organization has a significant level of active and direct control. This paper describes the operational resilience management foundations of the model and the evolution of the model, and it provides an example of how the model might be used to manage and improve the resilience of information assets.

Julia H. Allen | Lisa R. Young | Richard A. Caralli | Pamela D. Curtis | David W. White

[1] S. B. Kiselev,et al. The capability maturity model: guidelines for improving the software process , 1995 .

[2] Cmmi Product Team. CMMI for Services, Version 1.2 , 2011 .

[3] David W. White. CERT Resiliency Engineering Framework , 2007 .

[4] Julia H. Allen,et al. Managing for Enterprise Security , 2004 .

[5] Julia H. Allen,et al. CERT Resilience Management Model, Version 1.0 , 2010 .

[6] Julia H. Allen,et al. CERT Resilience Management Model, Version 1.0 Improving Operational Resilience Processes , 2010 .

[7] Richard A. Caralli. Sustaining Operational Resiliency: A Process Improvement Approach to Security Management , 2006 .

[8] Christopher J. Alberts,et al. Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Framework, Version 1.0 , 1999 .

[9] Cmmi Product Team. CMMI for Development, Version 1.2 , 2010 .

[10] Mark C. Paulk,et al. The Capability Maturity Model: Guidelines for Improving the Software Process , 1994 .