Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Technical Note

Sustaining Operational Resiliency: A Process Improvement Approach to Security Management

  • April 2006
  • By Richard A. Caralli
  • In this 2006 report, Richard Caralli describes the fundamental elements and benefits of a process approach to security and operational resiliency.
  • Cyber Risk and Resilience Management
  • Publisher: Software Engineering Institute
    CMU/SEI Report Number: CMU/SEI-2006-TN-009
  • Abstract

    Organizations face an ever-changing risk environment. The risk that emanates from the day-to-day activities of the organization, operational risk, is the subject of increasing attention, particularly in the banking and finance industry, because of the potential to significantly disrupt an organizations pursuit of its mission. Security, business continuity, and IT operations management are activities that traditionally support operational risk management. But collectively, they also converge to improve the operational resiliency of the organization—the ability to adapt to a changing operational risk environment as necessary. Coordinating these efforts to sustain operational resiliency requires a process-oriented approach that can be defined, measured, and actively managed. This report describes the fundamental elements and benefits of a process approach to security and operational resiliency and provides a notional view of a framework for process improvement.

  • Download

Cite This Report

SEI

Caralli, Richard. Sustaining Operational Resiliency: A Process Improvement Approach to Security Management. CMU/SEI-2006-TN-009. Software Engineering Institute, Carnegie Mellon University. 2006. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=7871

IEEE

Caralli. Richard, "Sustaining Operational Resiliency: A Process Improvement Approach to Security Management," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Note CMU/SEI-2006-TN-009, 2006. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=7871

APA

Caralli, Richard. (2006). Sustaining Operational Resiliency: A Process Improvement Approach to Security Management (CMU/SEI-2006-TN-009). Retrieved July 29, 2016, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=7871

CHI

Richard Caralli. Sustaining Operational Resiliency: A Process Improvement Approach to Security Management (CMU/SEI-2006-TN-009). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2006. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=7871

MLA

Caralli, Richard. 2006. Sustaining Operational Resiliency: A Process Improvement Approach to Security Management (Technical Report CMU/SEI-2006-TN-009). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=7871

BibTex

@techreport{CaralliSustainingOperational2006,
title={Sustaining Operational Resiliency: A Process Improvement Approach to Security Management},
author={Richard Caralli},
year={2006},
number={CMU/SEI-2006-TN-009},
institution={Software Engineering Institute, Carnegie Mellon University},
address={Pittsburgh, PA},
url={http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=7871} }