ISO/IEC JTC 1/SC 27
| Projekta Nr. | ISO/IEC 21827:2008 |
|---|---|
| Nosaukums | <p>ISO/IEC 21827:2008 specifies the Systems Security Engineering - Capability Maturity Model® (SSE-CMM®), which describes the essential characteristics of an organization's security engineering process that must exist to ensure good security engineering. ISO/IEC 21827:2008 does not prescribe a particular process or sequence, but captures practices generally observed in industry. The model is a standard metric for security engineering practices covering the following: </p> <ul> <li>the entire life cycle, including development, operation, maintenance and decommissioning activities;</li> <li>the whole organization, including management, organizational and engineering activities;</li> <li>concurrent interactions with other disciplines, such as system, software, hardware, human factors and test engineering; system management, operation and maintenance;</li> <li>interactions with other organizations, including acquisition, system management, certification, accreditation and evaluation.</li> </ul> <p>The objective is to facilitate an increase of maturity of the security engineering processes within the organization. The SSE-CMM® is related to other CMMs which focus on different engineering disciplines and topic areas and can be used in combination or conjunction with them.</p> |
| Reģistrācijas numurs (WIID) | 44716 |
| Darbības sfēra | <p>ISO/IEC 21827:2008 specifies the Systems Security Engineering - Capability Maturity Model® (SSE-CMM®), which describes the essential characteristics of an organization's security engineering process that must exist to ensure good security engineering. ISO/IEC 21827:2008 does not prescribe a particular process or sequence, but captures practices generally observed in industry. The model is a standard metric for security engineering practices covering the following: </p> <ul> <li>the entire life cycle, including development, operation, maintenance and decommissioning activities;</li> <li>the whole organization, including management, organizational and engineering activities;</li> <li>concurrent interactions with other disciplines, such as system, software, hardware, human factors and test engineering; system management, operation and maintenance;</li> <li>interactions with other organizations, including acquisition, system management, certification, accreditation and evaluation.</li> </ul> <p>The objective is to facilitate an increase of maturity of the security engineering processes within the organization. The SSE-CMM® is related to other CMMs which focus on different engineering disciplines and topic areas and can be used in combination or conjunction with them.</p> |
| Statuss | Standarts spēkā |
| ICS grupa | 35.040 35.030 |