Transcription of CYBERSECURITY CAPABILITY MATURITY MODEL (C2M2)
{{id}} {{{paragraph}}}
CYBERSECURITY CAPABILITY MATURITY MODEL (C2M2) Version February 2014 CYBERSECURITY CAPABILITY MATURITY MODEL Version i TABLE OF CONTENTS Acknowledgments .. iii 1. Introduction .. 1 Intended Audience .. 1 Document Organization .. 2 2. Core Concepts .. 3 MATURITY Models .. 3 Critical Infrastructure Objectives .. 3 IT and OT Assets .. 4 Relationship to the Risk Management Process .. 4 Function .. 5 3. MODEL Architecture .. 6 Domains .. 6 MATURITY Indicator Levels .. 8 Approach Progression .. 9 Institutionalization Progression .. 10 Summary of MIL Characteristics .. 13 Practice Reference Notation .. 14 4. Using the MODEL .. 15 Prepare To Use the MODEL .. 15 Perform an Evaluation .. 16 Analyze Identified Gaps .. 16 Prioritize and Plan .. 17 Implement Plans and Periodically Reevaluate .. 17 5. MODEL Domains .. 19 Risk Management .. 19 Asset, Change, and Configuration Management .. 22 Identity and Access Management .. 25 Threat and Vulnerability Management.
May 01, 2010 · Cybersecurity Capability Maturity Model Version 1.1 CORE CONCEPTS 3 2. CORE CONCEPTS This chapter describes several core concepts that are important for interpreting the content and structure of the model. 2.1 Maturity Models A maturity model is a set of characteristics, attributes, indicators, or patterns that represent
Domain:
Source:
Link to this page:
Please notify us if you found a problem with this document:
{{id}} {{{paragraph}}}