search menu icon-carat-right cmu-wordmark

CERT Resilience Management Model, Version 1.0

Technical Report
In this report, the authors present CERT-RMM, an approach to managing operational resilience in complex, risk-evolving environments.
Publisher

Software Engineering Institute

CMU/SEI Report Number
CMU/SEI-2010-TR-012
DOI (Digital Object Identifier)
10.1184/R1/6572204.v1

Abstract

Organizations in every sector—industry, government, and academia—are facing increasingly complex operational environments and dynamic risk environments. These demands conspire to force organizations to rethink how they manage operational risk and the resilience of critical business processes and services.  

The CERT® Resilience Management Model (CERT-RMM) is an innovative and transformative way to approach the challenge of managing operational resilience in complex, risk-evolving environments. It is the result of years of research into the ways that organizations manage the security and survivability of the assets that ensure mission success. It incorporates concepts from an established process improvement community to allow organizations to holistically mature their security, business continuity, and IT operations management capabilities and improve predictability and success in sustaining operations whenever disruption occurs.

This report describes the model’s key concepts, components, and process area relationships and provides guidance for applying the model to meet process improvement and other objectives. One process area is included in its entirety; the others are presented in outline form. All of the CERT-RMM process areas are available for download at www.cert.org/resilience.

Cite This Technical Report

Caralli, R., Allen, J., Curtis, P., White, D., & Young, L. (2010, May 1). CERT Resilience Management Model, Version 1.0. (Technical Report CMU/SEI-2010-TR-012). Retrieved June 14, 2024, from https://doi.org/10.1184/R1/6572204.v1.

@techreport{caralli_2010,
author={Caralli, Richard and Allen, Julia and Curtis, Pamela and White, David and Young, Lisa},
title={CERT Resilience Management Model, Version 1.0},
month={May},
year={2010},
number={CMU/SEI-2010-TR-012},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6572204.v1},
note={Accessed: 2024-Jun-14}
}

Caralli, Richard, Julia Allen, Pamela Curtis, David White, and Lisa Young. "CERT Resilience Management Model, Version 1.0." (CMU/SEI-2010-TR-012). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, May 1, 2010. https://doi.org/10.1184/R1/6572204.v1.

R. Caralli, J. Allen, P. Curtis, D. White, and L. Young, "CERT Resilience Management Model, Version 1.0," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Report CMU/SEI-2010-TR-012, 1-May-2010 [Online]. Available: https://doi.org/10.1184/R1/6572204.v1. [Accessed: 14-Jun-2024].

Caralli, Richard, Julia Allen, Pamela Curtis, David White, and Lisa Young. "CERT Resilience Management Model, Version 1.0." (Technical Report CMU/SEI-2010-TR-012). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 May. 2010. https://doi.org/10.1184/R1/6572204.v1. Accessed 14 Jun. 2024.

Caralli, Richard; Allen, Julia; Curtis, Pamela; White, David; & Young, Lisa. CERT Resilience Management Model, Version 1.0. CMU/SEI-2010-TR-012. Software Engineering Institute. 2010. https://doi.org/10.1184/R1/6572204.v1