Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Technical Report

Incident Management Capability Assessment

  • Abstract

    Successful management of incidents that threaten an organization's computer security is a complex endeavor. Frequently an organization's primary focus is on the response aspects of security incidents, which results in its failure to manage incidents beyond simply reacting to threatening events.

    The capabilities presented in this document are intended to provide a baseline or benchmark of incident management practices for an organization. The incident management capabilities—provided in a series of statements and indicators—define the actual benchmark. The capabilities explore different aspects of incident management activities for preparing or establishing an incident management function; protecting, detecting, and responding to unauthorized activity in an organization's information systems and computer networks; and sustaining the ability to provide those services. This benchmark can be used by an organization to assess its current incident management function for the purpose of process improvement. This assessment will also help assure system owners, data owners, and operators that their incident management services are being delivered with a high standard of quality and success within acceptable levels of risk.
  • Download

Cite This Report

SEI

Dorofee, Audrey; Ruefle, Robin; Zajicek, Mark; McIntire, David; Perl, Samuel; Alberts, Christopher; Huth, Carly; & Walters, Pennie. Incident Management Capability Assessment. CMU/SEI-2018-TR-007. Software Engineering Institute, Carnegie Mellon University. 2018. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=538848

IEEE

Dorofee. Audrey, Ruefle. Robin, Zajicek. Mark, McIntire. David, Perl. Samuel, Alberts. Christopher, Huth. Carly, and Walters. Pennie, "Incident Management Capability Assessment," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Report CMU/SEI-2018-TR-007, 2018. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=538848

APA

Dorofee, Audrey., Ruefle, Robin., Zajicek, Mark., McIntire, David., Perl, Samuel., Alberts, Christopher., Huth, Carly., & Walters, Pennie. (2018). Incident Management Capability Assessment (CMU/SEI-2018-TR-007). Retrieved March 18, 2019, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=538848

CHI

Audrey Dorofee, Robin Ruefle, Mark Zajicek, David McIntire, Samuel Perl, Christopher Alberts, Carly Huth, & Pennie Walters. Incident Management Capability Assessment (CMU/SEI-2018-TR-007). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2018. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=538848

MLA

Dorofee, Audrey., Ruefle, Robin., Zajicek, Mark., McIntire, David., Perl, Samuel., Alberts, Christopher., Huth, Carly., & Walters, Pennie. 2018. Incident Management Capability Assessment (Technical Report CMU/SEI-2018-TR-007). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=538848

BibTex

@techreport{DorofeeIncidentManagement2018,
title={Incident Management Capability Assessment},
author={Audrey Dorofee and Robin Ruefle and Mark Zajicek and David McIntire and Samuel Perl and Christopher Alberts and Carly Huth and Pennie Walters},
year={2018},
number={CMU/SEI-2018-TR-007},
institution={Software Engineering Institute, Carnegie Mellon University},
address={Pittsburgh, PA},
url={http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=538848} }