Building an Incident Management Body of Knowledge

September 2012 • White Paper

Dave Mundie, Robin Ruefle

In this paper, the authors describe the components of the CERT Incident Management Body of Knowledge (CIMBOK) and how they were constructed.

Publisher:

Software Engineering Institute

Subjects

Incident ManagementIncident Management
Incident HandlingIncident Handling

Abstract

The CERT Incident Management Body of Knowledge (CIMBOK) was built using a systematic process that starts with a controlled vocabulary and evolves through taxonomies, static ontologies, dynamic ontologies, intentional ontologies, and metamodels. The CIMBOK builds on 10 previous standards for incident management. This paper describes the components of the CIMBOK and how they were constructed.

Software Engineering Institute