Author Institution:
CERT Cyber Resilience Center, Carnegie Mellon Univ., Pittsburgh, PA, USA
Abstract:
The CERT Resilience Management Model (CERT-RMM) is the most modern and comprehensive framework for managing operational resilience in a variety of organizations: small or large, simple or complex, public or private. It enables a structured, repeatable, and integrated method for organizations to plan, assess, manage, and sustain not only preparedness planning efforts (e.g., disaster recovery, business continuity, crisis management) but also other key operational risk management activities such as information security and IT operations. In this paper, we share practical and successful applications of CERT-RMM from a wide variety of organizations, ranging from the Department of Homeland Security, to the Department of Energy, to the US Postal Service, to industry giants such as Lockheed Martin.
Keywords:
business continuity; management of change; organisational aspects; risk analysis; strategic planning; CERT resilience management model; CERT-RMM; business continuity; crisis management; department of energy; department of homeland security; disaster recovery; information security; key operational risk management; organization integrated method; planning; Capability maturity model; Computer security; Organizations; Postal services; Resilience; Risk management; Business Continuity; Cybersecurity; Disaster Recovery; Operational Risk Management; Resilience Management;