Related CMMs
The objective of this page is to inventory IAM CMMs, complementary CMMs, or similar models, frameworks, and standards.
CMM | Scope | Version | Comments | Key References |
---|---|---|---|---|
CMMI-SVC | General-purpose CMM model for Service Providers | Version 1.3 (2011) |
| |
COBIT 5 for Information Security |
|
|
|
|
European Union Agency for Network and Information |
|
|
|
|
ISO/IEC 21827:2008(E) SSE-CMM (Systems Security Engineering - Capability Maturity Model) | InfoSec | 2008 | Accompanied by the ISO 27k family of information security standards. | |
ISF Standard of Good Practice for Information Security |
|
|
|
|
IT Capability Maturity Framework - Information Security Management (IT-CMF:ISM) |
|
|
|
|
ITIL |
|
|
|
|
NIST Computer/Cybersecurity Frameworks |
|
|
|
|
Osmanoglu | Workforce IAM | 2013 | A proper Workforce IAM CMM. | |
PalsonKennedy and Gopal | Cloud Computing and IAM | 2010 | Not a real CMM but rather a discussion on Cloud Computing, CMM. and IAM. | |
Payment Card Industry (PCI) Data Security Standard |
|
|
|
|
SANS Top 20 |
|
|
|
|
Security & Privacy Capability Maturity Model (SP-CMM) | Cybersecurity and Data Privacy | 2019.1 |
|
|
Secure Controls Framework |
|
|
| |
World Economic Forum Cyber Risk Framework (WEF-CRF) |
|
|
|
|
Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.