Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale
• Technical Note
Publisher
Software Engineering Institute
CMU/SEI Report Number
CMU/SEI-2013-TN-028DOI (Digital Object Identifier)
10.1184/R1/6571847.v1Abstract
A maturity model is a set of characteristics, attributes, indicators, or patterns that represent progression and achievement in a particular domain or discipline. Maturity models typically have levels arranged in an evolutionary scale that defines measurable transitions from one level of maturity to another. The current version of the CERT Resilience Management Model (CERT-RMM v1.2) utilizes the maturity architecture (levels and descriptions) as provided in the Capability Maturity Model Integration (CMMI) constellation models to ensure consistency with CMMI. The spacing between maturity levels often causes CERT-RMM practitioners some difficulty. To address some of these issues, the CERT Division of Carnegie Mellon University's Software Engineering Institute did a comprehensive review of the existing specific and generic goals and practices in CERT-RMM to determine if a better scale could be developed to help users of the model show incremental improvement in maturity without breaking the original intent of the CMMI maturity levels. This technical note presents the results: the maturity indicator level scale, or CERT-RMM MIL scale.
Part of a Collection
CERT-RMM Webinar Collection
CERT-RMM Related Assets
Resilience Management Related Assets
Cite This Technical Note
Butkovic, M., & Caralli, R. (2013, November 7). Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale. (Technical Note CMU/SEI-2013-TN-028). Retrieved November 9, 2024, from https://doi.org/10.1184/R1/6571847.v1.
@techreport{butkovic_2013,
author={Butkovic, Matthew and Caralli, Richard},
title={Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale},
month={{Nov},
year={{2013},
number={{CMU/SEI-2013-TN-028},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6571847.v1},
note={Accessed: 2024-Nov-9}
}
Butkovic, Matthew, and Richard Caralli. "Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale." (CMU/SEI-2013-TN-028). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, November 7, 2013. https://doi.org/10.1184/R1/6571847.v1.
M. Butkovic, and R. Caralli, "Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Note CMU/SEI-2013-TN-028, 7-Nov-2013 [Online]. Available: https://doi.org/10.1184/R1/6571847.v1. [Accessed: 9-Nov-2024].
Butkovic, Matthew, and Richard Caralli. "Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale." (Technical Note CMU/SEI-2013-TN-028). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 7 Nov. 2013. https://doi.org/10.1184/R1/6571847.v1. Accessed 9 Nov. 2024.
Butkovic, Matthew; & Caralli, Richard. Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale. CMU/SEI-2013-TN-028. Software Engineering Institute. 2013. https://doi.org/10.1184/R1/6571847.v1