search menu icon-carat-right cmu-wordmark

Defining a Maturity Scale for Governing Operational Resilience

Technical Note
Governing operational resilience requires the appropriate level of sponsorship, a commitment to strategic planning that includes resilience objectives, and proper oversight of operational resilience activities.
Publisher

Software Engineering Institute

CMU/SEI Report Number
CMU/SEI-2015-TN-004

Abstract

Achieving operational resilience in today’s environment is becoming increasingly complex as the pace of technology and innovation continues to accelerate. Sponsorship, strategic planning, and oversight of operational resilience are the most crucial activities in developing and implementing an effective operational resilience management (ORM) system. These governance activities are described in detail in the CERT® Resilience Management Model enterprise focus (EF) process area (PA). To ensure operational resilience, an organization must identify shortfalls across these defined activities, make incremental improvements, and measure improvement against a defined, accepted maturity scale. The current version of the CERT Resilience Management Model (CERT-RMM V1.2) utilizes a maturity architecture (levels and descriptions) that may not meet the granularity needs for organizations committed to making incremental improvements in governing operational resilience. To achieve a more granular approach, the CERT-RMM Maturity Indicator Level (MIL) scale was developed for application across all CERT-RMM PAs. The CERT Division of Carnegie Mellon University’s Software Engineering Institute is conducting ongoing research around the current state of the practice of governing operational resilience and developing specific actionable steps for improving the governance of operational resilience. Study results provide the specific EF PA MIL scale for assessing maturity, identifying incremental improvements, and measuring improvements.

Cite This Technical Note

Stewart, K., Allen, J., Dorofee, A., Valdez, M., & Young, L. (2015, March 19). Defining a Maturity Scale for Governing Operational Resilience. (Technical Note CMU/SEI-2015-TN-004). Retrieved December 5, 2023, from https://insights.sei.cmu.edu/library/defining-a-maturity-scale-for-governing-operational-resilience/.

@techreport{stewart_2015,
author={Stewart, Katie and Allen, Julia and Dorofee, Audrey and Valdez, Michelle and Young, Lisa},
title={Defining a Maturity Scale for Governing Operational Resilience},
month={Mar},
year={2015},
number={CMU/SEI-2015-TN-004},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://insights.sei.cmu.edu/library/defining-a-maturity-scale-for-governing-operational-resilience/},
note={Accessed: 2023-Dec-5}
}

Stewart, Katie, Julia Allen, Audrey Dorofee, Michelle Valdez, and Lisa Young. "Defining a Maturity Scale for Governing Operational Resilience." (CMU/SEI-2015-TN-004). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, March 19, 2015. https://insights.sei.cmu.edu/library/defining-a-maturity-scale-for-governing-operational-resilience/.

K. Stewart, J. Allen, A. Dorofee, M. Valdez, and L. Young, "Defining a Maturity Scale for Governing Operational Resilience," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Note CMU/SEI-2015-TN-004, 19-Mar-2015 [Online]. Available: https://insights.sei.cmu.edu/library/defining-a-maturity-scale-for-governing-operational-resilience/. [Accessed: 5-Dec-2023].

Stewart, Katie, Julia Allen, Audrey Dorofee, Michelle Valdez, and Lisa Young. "Defining a Maturity Scale for Governing Operational Resilience." (Technical Note CMU/SEI-2015-TN-004). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 19 Mar. 2015. https://insights.sei.cmu.edu/library/defining-a-maturity-scale-for-governing-operational-resilience/. Accessed 5 Dec. 2023.

Stewart, Katie; Allen, Julia; Dorofee, Audrey; Valdez, Michelle; & Young, Lisa. Defining a Maturity Scale for Governing Operational Resilience. CMU/SEI-2015-TN-004. Software Engineering Institute. 2015. https://insights.sei.cmu.edu/library/defining-a-maturity-scale-for-governing-operational-resilience/