ISO 21827:2008
ISO 21827:2008 Information technology РSecurity techniques РSystems Security Engineering РCapability Maturity Model® (SSE-CMM®)
CDN $0.00
Description
ISO/IEC 21827:2008 specifies the Systems Security Engineering – Capability Maturity Model¬Æ (SSE-CMM¬Æ), which describes the essential characteristics of an organization’s security engineering process that must exist to ensure good security engineering. ISO/IEC 21827:2008 does not prescribe a particular process or sequence, but captures practices generally observed in industry. The model is a standard metric for security engineering practices covering the following:
- the entire life cycle, including development, operation, maintenance and decommissioning activities;
- the whole organization, including management, organizational and engineering activities;
- concurrent interactions with other disciplines, such as system, software, hardware, human factors and test engineering; system management, operation and maintenance;
- interactions with other organizations, including acquisition, system management, certification, accreditation and evaluation.
The objective is to facilitate an increase of maturity of the security engineering processes within the organization. The SSE-CMM® is related to other CMMs which focus on different engineering disciplines and topic areas and can be used in combination or conjunction with them.
Edition
2
Published Date
2008-10-16
Status
PUBLISHED
Pages
144
Language
English
Format
Secure PDF
Secure – PDF details
- Save your file locally or view it via a web viewer
- Viewing permissions are restricted exclusively to the purchaser
- Device limits - 3
- Printing – Enabled only to print (1) copy
See more about our Environmental Commitment
Abstract
ISO/IEC 21827:2008 specifies the Systems Security Engineering - Capability Maturity Model® (SSE-CMM®), which describes the essential characteristics of an organization's security engineering process that must exist to ensure good security engineering. ISO/IEC 21827:2008 does not prescribe a particular process or sequence, but captures practices generally observed in industry. The model is a standard metric for security engineering practices covering the following:
- the entire life cycle, including development, operation, maintenance and decommissioning activities;
- the whole organization, including management, organizational and engineering activities;
- concurrent interactions with other disciplines, such as system, software, hardware, human factors and test engineering; system management, operation and maintenance;
- interactions with other organizations, including acquisition, system management, certification, accreditation and evaluation.
The objective is to facilitate an increase of maturity of the security engineering processes within the organization. The SSE-CMM® is related to other CMMs which focus on different engineering disciplines and topic areas and can be used in combination or conjunction with them.
Previous Editions
Can’t find what you are looking for?
Please contact us at:
Related Documents
-
ISO 27013:2021 Information security, cybersecurity and privacy protection – Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1
CDN $351.00 Add to cart -
ISO 27006:2024 Information security, cybersecurity and privacy protection – Requirements for bodies providing audit and certification of information security management systems – Part 1: General
CDN $312.00 Add to cart -
ISO 20243:2023 Information technology – Open Trusted Technology ProviderTM Standard (O-TTPS) – Part 1: Requirements and recommendations for mitigating maliciously tainted and counterfeit products
CDN $273.00 Add to cart -
ISO 27022:2021 Information technology – Guidance on information security management system processes
CDN $312.00 Add to cart
