Transcription of CYBERSECURITY CAPABILITY MATURITY MODEL (C2M2)
{{id}} {{{paragraph}}}
Example: stock market
CYBERSECURITY CAPABILITY MATURITY MODEL (C2M2)
CYBERSECURITY CAPABILITY MATURITY MODEL (C2M2) Version February 2014 CYBERSECURITY CAPABILITY MATURITY MODEL Version i TABLE OF CONTENTS Acknowledgments .. iii 1. Introduction .. 1 Intended Audience .. 1 Document Organization .. 2 2. Core Concepts .. 3 MATURITY Models .. 3 Critical Infrastructure Objectives .. 3 IT and OT Assets .. 4 Relationship to the Risk Management Process .. 4 Function .. 5 3. MODEL Architecture .. 6 Domains .. 6 MATURITY Indicator Levels .. 8 Approach Progression .. 9 Institutionalization Progression .. 10 Summary of MIL Characteristics .. 13 Practice Reference Notation .. 14 4. Using the MODEL .. 15 Prepare To Use the MODEL .. 15 Perform an Evaluation .. 16 Analyze Identified Gaps .. 16 Prioritize and Plan .. 17 Implement Plans and Periodically Reevaluate .. 17 5. MODEL Domains .. 19 Risk Management .. 19 Asset, Change, and Configuration Management .. 22 Identity and Access Management.
May 01, 2010 · The C2M2 is designed for use with a self-evaluation methodology and toolkit (available by request) for an organization to measure and improve its cybersecurity program.1 A self-evaluation using the toolkit can be completed in one day, but the toolkit could be adapted for a more rigorous evaluation effort.
Tags:
Information
Domain:
Source:
Link to this page:
Please notify us if you found a problem with this document: