Building an Incident Management Body of Knowledge
September 2012 • White Paper
Dave Mundie, Robin Ruefle
In this paper, the authors describe the components of the CERT Incident Management Body of Knowledge (CIMBOK) and how they were constructed.
Software Engineering Institute
The CERT Incident Management Body of Knowledge (CIMBOK) was built using a systematic process that starts with a controlled vocabulary and evolves through taxonomies, static ontologies, dynamic ontologies, intentional ontologies, and metamodels. The CIMBOK builds on 10 previous standards for incident management. This paper describes the components of the CIMBOK and how they were constructed.