search menu icon-carat-right cmu-wordmark

Introducing the CERT® Resiliency Engineering Framework: Improving the Security and Sustainability Processes

Technical Report
In this 2007 report, the authors explore the transformation of security and business continuity into processes to support and sustain operational resiliency.
Publisher

Software Engineering Institute

CMU/SEI Report Number
CMU/SEI-2007-TR-009
DOI (Digital Object Identifier)
10.1184/R1/6574805.v1

Abstract

As security issues dominate news headlines and affect our daily lives, organizations need to improve their ability to protect and sustain their business-critical assets, people, information, technology, and facilities using human and financial resources efficiently and effectively. Traditional activities such as security and business continuity must not only be effective at achieving these goals but also must offer the organization increased capabilities for managing and controlling operational resiliency. Unfortunately, organizations often manage these activities in a reactive posture fraught with stove-piped organizational structures and poorly defined and measured goals. The result: potentially less-than-adequate operational resiliency to support business objectives. But organizations can vastly improve operational resiliency by viewing it as an engineering-based process that can be defined, managed, measured, and improved. This view ensures collaboration between security and business continuity activities toward common goals and considers the role of supporting activities such as governance, asset and risk management, and financial control. This report introduces the CERT Resiliency Engineering Framework as a foundational model that describes the essential processes for managing operational resiliency, provides a structure from which an organization can begin process improvement of its security and business continuity efforts, and catalyzes the formation of a community from which further definition of this emerging discipline can evolve.

Cite This Technical Report

Caralli, R., Stevens, J., Wallen, C., White, D., Wilson, W., & Young, L. (2007, May 1). Introducing the CERT® Resiliency Engineering Framework: Improving the Security and Sustainability Processes. (Technical Report CMU/SEI-2007-TR-009). Retrieved April 18, 2024, from https://doi.org/10.1184/R1/6574805.v1.

@techreport{caralli_2007,
author={Caralli, Richard and Stevens, James and Wallen, Charles and White, David and Wilson, William and Young, Lisa},
title={Introducing the CERT® Resiliency Engineering Framework: Improving the Security and Sustainability Processes},
month={May},
year={2007},
number={CMU/SEI-2007-TR-009},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6574805.v1},
note={Accessed: 2024-Apr-18}
}

Caralli, Richard, James Stevens, Charles Wallen, David White, William Wilson, and Lisa Young. "Introducing the CERT® Resiliency Engineering Framework: Improving the Security and Sustainability Processes." (CMU/SEI-2007-TR-009). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, May 1, 2007. https://doi.org/10.1184/R1/6574805.v1.

R. Caralli, J. Stevens, C. Wallen, D. White, W. Wilson, and L. Young, "Introducing the CERT® Resiliency Engineering Framework: Improving the Security and Sustainability Processes," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Report CMU/SEI-2007-TR-009, 1-May-2007 [Online]. Available: https://doi.org/10.1184/R1/6574805.v1. [Accessed: 18-Apr-2024].

Caralli, Richard, James Stevens, Charles Wallen, David White, William Wilson, and Lisa Young. "Introducing the CERT® Resiliency Engineering Framework: Improving the Security and Sustainability Processes." (Technical Report CMU/SEI-2007-TR-009). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 May. 2007. https://doi.org/10.1184/R1/6574805.v1. Accessed 18 Apr. 2024.

Caralli, Richard; Stevens, James; Wallen, Charles; White, David; Wilson, William; & Young, Lisa. Introducing the CERT® Resiliency Engineering Framework: Improving the Security and Sustainability Processes. CMU/SEI-2007-TR-009. Software Engineering Institute. 2007. https://doi.org/10.1184/R1/6574805.v1