Advanced Search

Content Type

Topics

Publication Date

Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale

Please note that current and future CMMI research, training, and information has been transitioned to the CMMI Institute, a wholly-owned subsidiary of Carnegie Mellon University.

Abstract

A maturity model is a set of characteristics, attributes, indicators, or patterns that represent progression and achievement in a particular domain or discipline. Maturity models typically have levels arranged in an evolutionary scale that defines measurable transitions from one level of maturity to another. The current version of the CERT Resilience Management Model (CERT-RMM v1.2) utilizes the maturity architecture (levels and descriptions) as provided in the Capability Maturity Model Integration (CMMI) constellation models to ensure consistency with CMMI. The spacing between maturity levels often causes CERT-RMM practitioners some difficulty. To address some of these issues, the CERT Division of Carnegie Mellon University's Software Engineering Institute did a comprehensive review of the existing specific and generic goals and practices in CERT-RMM to determine if a better scale could be developed to help users of the model show incremental improvement in maturity without breaking the original intent of the CMMI maturity levels. This technical note presents the results: the maturity indicator level scale, or CERT-RMM MIL scale.

Cite This Report

Show Citation Formats

SEI

Butkovic, Matthew; & Caralli, Richard. Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale (CMU/SEI-2013-TN-028). Software Engineering Institute, Carnegie Mellon University, 2013. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=69187

IEEE

Butkovic. Matthew, and Caralli. Richard, "Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Note CMU/SEI-2013-TN-028, 2013. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=69187

APA

Butkovic, Matthew., & Caralli, Richard. (2013). Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale (CMU/SEI-2013-TN-028). Retrieved April 24, 2014, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=69187

CHI

Matthew Butkovic, & Richard Caralli. Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale (CMU/SEI-2013-TN-028). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2013. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=69187

MLA

Butkovic, Matthew., & Caralli, Richard. 2013. Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale (Technical Report CMU/SEI-2013-TN-028). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=69187