CERT® Resilience Management Model (RMM) v1.1: Code of Practice Crosswalk Commercial Version 1.1
October 2011 • Technical Note
In this report, the authors explain how CERT-RMM process areas, industry standards, and codes of practice are used by organizations in an operational setting.
Software Engineering Institute
CMU/SEI Report Number
CERT® Resilience Management Model (CERT-RMM) provides a reference model that allows organizations to make sense of their practice deployment in a process context. In this context, the primary goal of this document is to help model users and adopters to understand how CERT-RMM process areas, industry standards, and codes of practices that are used by organizations in an operational setting are connected. Additionally, this document helps to achieve a primary goal of CERT-RMM, which is to allow adopters to continue to use their preferred standards and codes of practice at a tactical level while maturing management and improvement of operational resilience at a process level. This document was also created with the objective to permit organizations to use CERT-RMM as a means for managing the complexities of deploying more than one standard or code of practice.