search menu icon-carat-right cmu-wordmark

CERT® Resilience Management Model (CERT®-RMM) V1.1: NIST Special Publication 800-66 Crosswalk

October 2013 Technical Note
Lisa R. Young, Ma-Nyahn Kromah (SunGard Availability Services)

In this report, the authors map CERT-RMM process areas to key activities in NIST Special Publication 800-66 Revision 1.


Software Engineering Institute

CMU/SEI Report Number


DOI (Digital Object Identifier):


Organizations can use the CERT Resilience Management Model (CERT-RMM) V1.1, developed by the CERT Division of Carnegie Mellon University's Software Engineering Institute, to determine how their current practices can support their level of process maturity in areas of operational resilience (business continuity, disaster recovery, management and security planning, and IT operations and service delivery). This technical note is a follow-on to the CERT-RMM Code of Practice Crosswalk, Commercial Version 1.1 (CMU/SEI-2011-TN-012) and connects CERT-RMM process areas to NIST Special Publication 800-66 Revision 1: An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule.