Software Engineering Institute

Sustaining Operational Resiliency: A Process Improvement Approach to Security Management

April 1, 2006 • Technical Note

By

Richard A. Caralli

In this 2006 report, Richard Caralli describes the fundamental elements and benefits of a process approach to security and operational resiliency.

Publisher

Software Engineering Institute

CMU/SEI Report Number

CMU/SEI-2006-TN-009

DOI (Digital Object Identifier)

10.1184/R1/6584495.v1

Subjects

Cyber Risk And Resilience Management Resilience Management Model (Rmm)

Abstract

Organizations face an ever-changing risk environment. The risk that emanates from the day-to-day activities of the organization, operational risk, is the subject of increasing attention, particularly in the banking and finance industry, because of the potential to significantly disrupt an organizations pursuit of its mission. Security, business continuity, and IT operations management are activities that traditionally support operational risk management. But collectively, they also converge to improve the operational resiliency of the organization—the ability to adapt to a changing operational risk environment as necessary. Coordinating these efforts to sustain operational resiliency requires a process-oriented approach that can be defined, measured, and actively managed. This report describes the fundamental elements and benefits of a process approach to security and operational resiliency and provides a notional view of a framework for process improvement.

Cite This Technical Note

APA

Caralli, R. (2006, April 1). Sustaining Operational Resiliency: A Process Improvement Approach to Security Management. (Technical Note CMU/SEI-2006-TN-009). Retrieved April 18, 2024, from https://doi.org/10.1184/R1/6584495.v1.

BibTeX

@techreport{caralli_2006,
author={Caralli, Richard},
title={Sustaining Operational Resiliency: A Process Improvement Approach to Security Management},
month={Apr},
year={2006},
number={CMU/SEI-2006-TN-009},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6584495.v1},
note={Accessed: 2024-Apr-18}
}

CHI

Caralli, Richard. "Sustaining Operational Resiliency: A Process Improvement Approach to Security Management." (CMU/SEI-2006-TN-009). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, April 1, 2006. https://doi.org/10.1184/R1/6584495.v1.

IEEE

R. Caralli, "Sustaining Operational Resiliency: A Process Improvement Approach to Security Management," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Note CMU/SEI-2006-TN-009, 1-Apr-2006 [Online]. Available: https://doi.org/10.1184/R1/6584495.v1. [Accessed: 18-Apr-2024].

MLA

Caralli, Richard. "Sustaining Operational Resiliency: A Process Improvement Approach to Security Management." (Technical Note CMU/SEI-2006-TN-009). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 Apr. 2006. https://doi.org/10.1184/R1/6584495.v1. Accessed 18 Apr. 2024.

SEI

Caralli, Richard. Sustaining Operational Resiliency: A Process Improvement Approach to Security Management. CMU/SEI-2006-TN-009. Software Engineering Institute. 2006. https://doi.org/10.1184/R1/6584495.v1

Ask a question about this Technical Note