Accession Number:
ADA393329
Title:
Systems Security Engineering Capability Maturity Model SSE-CMM Model Description Document
Descriptive Note:
Corporate Author:
BOOZ-ALLEN AND HAMILTON INC MCLEAN VA
Personal Author(s):
Report Date:
1999-04-01
Pagination or Media Count:
318.0
Abstract:
The Systems Security Engineering Capability Maturity Model SSE-CMM describes the essential characteristics of an organizations security engineering process that must exist to ensure good security engineering. The SSE-CMM does not prescribe a particular process or sequence, but captures practices generally observed in industry. The model is a standard metric for security engineering practices covering 1 The entire life cycle, including development, operation, maintenance, and decommissioning activities 2 The whole organization, including management, organizational, and engineering activities 3 Concurrent interactions with other disciplines, such as system, software, hardware, human factors, and test engineering system management, operation, and maintenance 4 Interactions with other organizations, including acquisition, system management, certification, accreditation, and evaluation The SSE-CMM Model Description provides an overall description of the principles and architecture upon which the SSE-CMM is based, an executive overview of the model, suggestions for appropriate use of the model, the practices included in the model, and a description of the attributes of the model. It also includes the requirements used to develop the model. The SSE-CMM Appraisal Method describes the process and tools for evaluating an organizations security engineering capability against the SSE-CMM.
Descriptors:
Subject Categories:
- Computer Systems Management and Standards