ISO/IEC 21827 specifies the Systems Security Engineering - Capability Maturity Model® (SSE-CMM®).
Based on a capability level from 1 to 5, the model helps identify the maturity of an information security system according to whether the management process – applied, verified, maintained and monitored – is 1) ad hoc, 2) planned, 3) clearly defined, 4) quantitatively controlled or 5) continuously improving.
The SSE-CMM® model evaluates the following:
• The fundamental importance of information systems to operations
• The effect a loss of availability can have on information systems
• The impact of any change to the information contained in these systems
• The repercussions if information is disclosed
• The fierceness of the competition
• The degree of innovation in the industry
• The appeal and degree of interconnectivity of the information systems
• The homogeneity of the systems
• The information security components entrusted to a sub-contractor
Once the evaluation has been completed, the SSE-CMM® model (www.sse-cmm.org/index.html) helps to check that the information systems are truly ready to confront threats, in accordance with reliability requirements and availability criteria, and that vulnerabilities are resolved accordingly.