search menu icon-carat-right cmu-wordmark

Mission Assurance Analysis Protocol (MAAP): Assessing Risk in Complex Environments

September 2005 Technical Note
Christopher J. Alberts, Audrey J. Dorofee

In this 2005 report, the authors present concepts and theories underlying the Mission Assurance Analysis Protocol.


Software Engineering Institute

CMU/SEI Report Number


DOI (Digital Object Identifier):


The global business environment continues to grow in complexity. The typical business process is no longer under a single point of management control. Instead, it has become common for management of a work process to be shared among multiple groups. The permanent enterprise, defined by an organizational chart, has been replaced by the virtual enterprise, defined by the mission being pursued. Activities today are rarely supported by dedicated, stand-alone technologies. Rather, interoperable, networked technologies form the backbone of our information infrastructures. Today, managers must deal with interrelationships and dependencies among technologies, data, tasks, activities, processes, and people that were unimaginable just a few short years ago. Unfortunately, conventional risk analysis techniques have proven inadequate for characterizing risk in today's complex operational environments, so it was necessary to develop new and innovative approaches. The Mission Assurance Analysis Protocol (MAAP) defines an advanced, systematic approach for analyzing operational risk and gauging mission assurance in complex work processes. This report presents the concepts and underlying theories behind the MAAP, highlights results from early piloting of the technique, and outlines future research directions.