Transcription of Cybersecurity Capability Maturity Model (C2M2), Version 2 ...
{{id}} {{{paragraph}}}
Revision 06 TABLE OF CONTENTS i Acknowledgments .. iii Cautionary Note .. vi Intended Scope and Use of This Publication .. vi Note to Readers on the Update .. vii 1. Introduction .. 1 Intended Audience .. 1 Document Organization .. 2 2. Background .. 3 Model Development Approach .. 3 3. Core Concepts .. 5 Maturity Models .. 5 Critical Infrastructure Objectives .. 5 Enterprise, Organization, and Function .. 6 Function .. 6 Assets .. 8 4. Model Architecture .. 10 Domains, Objectives, and Practices .. 10 Maturity Indicator Levels .. 13 Summary of MIL Characteristics .. 13 Approach Progression .. 14 Management Progression .. 15 Example Lists Included in Practices .. 16 Practice Reference Notation .. 16 5. Using the Model .. 18 Step 1: Perform an Evaluation .. 18 Step 2: Analyze Identified Gaps .. 19 Step 3: Prioritize and Plan .. 20 Step 4: Implement Plans and Periodically Reevaluate.
Program Team and Contributors . Brian Benestelli, Carnegie Mellon University Software Engineering Institute - CERT Program John Keenan, Idaho National Laboratory (INL) Ron Savoury, MITRE Eric Cardwell, Axio Ismael Khokhar, ICF Patrick Siebenlist, Nexight Michael Cohen, MITRE Lindsay Kishter, Nexight Paul Skare, Pacific Northwest
Domain:
Source:
Link to this page:
Please notify us if you found a problem with this document:
{{id}} {{{paragraph}}}