📌 CERT Resilience Management Model 📌
🔸 The CERT Resilience Management Model (CERT-RMM), from the Software Engineering Institute at Carnegie Mellon University, aims to improve how organizations behave and respond in advance of and during times of stress and disruption.
🔸 CERT-RMM establishes innovative and transformative ways to manage operational resilience in complex, risk-evolving environments. It distils years of research into best practices for managing the security and survivability of people, information, technology, and facilities. These best practices are integrated into a unified, capability-focused maturity model encompassing security, business continuity, and IT operations.
🔸 By using CERT-RMM, organizations can escape silo-driven approaches to managing operational risk and align to achieve strategic resilience management goals. This is pretty important: breaking out of silos is one of the biggest challenges to achieving all-round resilience in organizations.
🔸 CERT-RMM defines four capability levels, designated by the numbers 0 through 3: incomplete, performed, managed, and defined.
🔸 A central concept of the maturity model is convergence, defined as the harmonization of operational risk management activities with similar objectives and outcomes. Given the cascading effect one dimension of resilience could have on other dimensions, the idea is to view resilience from a single viewpoint.
🔸 The high-value services of the organization are the focus of the organization’s operational resilience management activities.
These services directly support achieving strategic objectives and, therefore, must be protected and sustained to the extent necessary to minimize disruption.