Skip to end of banner
Go to start of banner

Related CMMs

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 26 Current »

The objective of this page is to inventory IAM CMMs, complementary CMMs, or similar models, frameworks, and standards.

CMM

Scope

Version

Comments

Key References

CMMI-SVC

General-purpose CMM model for Service Providers

Version 1.3 (2011)

Forrester et al., 2011

CMMI Product Team, 2010

COBIT 5 for Information Security

European Union Agency for Network and Information
Security (ENISA)

ISO/IEC 21827:2008(E) SSE-CMM (Systems Security Engineering - Capability Maturity Model)

InfoSec

2008

Accompanied by the ISO 27k family of information security standards.

ISO and IEC, 2008

ISF Standard of Good Practice for Information Security

IT Capability Maturity Framework - Information Security Management (IT-CMF:ISM)

ITIL

NIST Computer/Cybersecurity Frameworks

Osmanoglu

Workforce IAM

2013

A proper Workforce IAM CMM.

Osmanoglu, 2013

PalsonKennedy and Gopal

Cloud Computing and IAM

2010

Not a real CMM but rather a discussion on Cloud Computing, CMM. and IAM.

PalsonKennedy and Gopal, 2010

Payment Card Industry (PCI) Data Security Standard
(PCI-DSS)

SANS Top 20

Security & Privacy Capability Maturity Model (SP-CMM)

Cybersecurity and Data Privacy

2019.1

World Economic Forum Cyber Risk Framework (WEF-CRF)

  • No labels

Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.

This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.