Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Technical Note

Defining a Progress Metric for CERT-RMM Improvement

  • Abstract

    This report describes how the authors defined a Cybersecurity Program Progress Metric (CPPM) in support of a large, diverse U.S. national organization. The CPPM, based on the CERT-Resilience Management Model (CERT-RMM) v1.1, provides an indicator of progress towards achievement of CERT-RMM practices. The CPPM is an implementation metric that can be used to measure incremental progress in implementation of CERT-RMM practices and, through an aggregate score, show overall progress in achieving the goals of a cybersecurity program. The underlying concept of a CERT-RMM-based index is applicable to any organization using the CERT-RMM for model-based process improvement for such operational risk management activities as cybersecurity, business continuity, disaster recovery, IT operations, and incident response. Moreover, the underlying concept is applicable to other models such as the Cybersecurity Capability Maturity Model (C2M2).

  • Download

Cite This Report

SEI

Crabb, Gregory; Mehravari, Nader; & Tobar, David. Defining a Progress Metric for CERT-RMM Improvement. . Software Engineering Institute, Carnegie Mellon University. 2017. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=504765

IEEE

Crabb. Gregory, Mehravari. Nader, and Tobar. David, "Defining a Progress Metric for CERT-RMM Improvement," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Note , 2017. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=504765

APA

Crabb, Gregory., Mehravari, Nader., & Tobar, David. (2017). Defining a Progress Metric for CERT-RMM Improvement (). Retrieved September 20, 2017, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=504765

CHI

Gregory Crabb, Nader Mehravari, & David Tobar. Defining a Progress Metric for CERT-RMM Improvement (). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2017. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=504765

MLA

Crabb, Gregory., Mehravari, Nader., & Tobar, David. 2017. Defining a Progress Metric for CERT-RMM Improvement (Technical Report ). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=504765

BibTex

@techreport{CrabbDefininga2017,
title={Defining a Progress Metric for CERT-RMM Improvement},
author={Gregory Crabb and Nader Mehravari and David Tobar},
year={2017},
institution={Software Engineering Institute, Carnegie Mellon University},
address={Pittsburgh, PA},
url={http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=504765} }