Accession Number:

AD1017853

Title:

Defining a Maturity Scale for Governing Operational Resilience

Descriptive Note:

Technical Report,01 Mar 2015,31 Mar 2015

Corporate Author:

CARNEGIE-MELLON UNIV PITTSBURGH PA PITTSBURGH United States

Report Date:

2015-03-01

Pagination or Media Count:

22.0

Abstract:

Achieving operational resilience in todays environment is becoming increasingly complex as the pace of technology and innovation continues to accelerate. Sponsorship, strategic planning, and oversight of operational resilience are the most crucial activities in developing and implementing an effective operational resilience management ORM system. These governance activities are described in detail in the CERTregistered Resilience Management Model enterprise focus EF process area PA. To ensure operational resilience, an organization must identify shortfalls across these defined activities, make incremental improvements, and measure improvement against a defined, accepted maturity scale. The current version of the CERT Resilience Management Model CERTRMMV1.2 utilizes a maturity architecture levels and descriptions that may not meet the granularity needs for organizations committed to making incremental improvements in governing operational resilience. To achieve a more granular approach, the CERT-RMM Maturity Indicator LevelMIL scale was developed for application across all CERT-RMM PAs. The CERT Division of Carnegie Mellon Universitys Software Engineering Institute is conducting ongoing research around the current state of the practice of governing operational resilience and developing specific actionable steps for improving the governance of operational resilience. Study results provide the specific EF PA MIL scale for assessing maturity, identifying incremental improvements, and measuring improvements.

Subject Categories:

Distribution Statement:

APPROVED FOR PUBLIC RELEASE