Mark Zajicek

Software Engineering Institute

Publications by Mark Zajicek

Benchmarking Organizational Incident Management Practices

December 17, 2019 • Podcast

Robin Ruefle Mark Zajicek

Robin Ruefle and Mark Zajicek discuss recent work that provides a baseline or benchmark of incident management practices for an organization.
learn more
Incident Management Capability Assessment

December 19, 2018 • Technical Report

Audrey J. Dorofee Robin Ruefle Mark Zajicek

The capabilities presented in this report provide a benchmark of incident management practices.
read
An Introduction to the Mission Risk Diagnostic for Incident Management Capabilities (MRD-IMC)

May 30, 2014 • Technical Note

Christopher J. Alberts Audrey J. Dorofee Robin Ruefle

The Mission Risk Diagnostic for Incident Management Capabilities revises the Incident Management Mission Diagnostic Method with updated and expanded drivers.
read
Incident Management Mission Diagnostic Method, Version 1.0

March 01, 2008 • Technical Report

Audrey J. Dorofee Georgia Killcrece Robin Ruefle

This report is superseded by the Mission Risk Diagnostic for Incident Management Capabilities, CMU/SEI-2014-TN-004.
read
Defining Incident Management Processes for CSIRTs: A Work in Progress

October 01, 2004 • Technical Report

Christopher J. Alberts Audrey J. Dorofee Georgia Killcrece

In this report, the authors present a prototype best practice model for performing incident management processes and functions.
read
Organizational Models for Computer Security Incident Response Teams (CSIRTs)

December 01, 2003 • Handbook

Georgia Killcrece Klaus-Peter Kossakowski Robin Ruefle

This 2003 report describes different organizational models for implementing incident handling capabilities, including each model's advantages and disadvantages and the kinds of incident management services that best fit with it.
read
State of the Practice of Computer Security Incident Response Teams (CSIRTs)

October 01, 2003 • Technical Report

Georgia Killcrece Klaus-Peter Kossakowski Robin Ruefle

In this 2003 report, the authors provide a study of the state of the practice of incident response, based on how CSIRTs around the world are operating.
read
Handbook for Computer Security Incident Response Teams (CSIRTs)

April 01, 2003 • Handbook

Moira West Brown Don Stikvoort Klaus-Peter Kossakowski

In this 2003 handbook, the authors describe different organizational models for implementing incident handling capabilities.
read