Using Defined Processes as a Context for Resilience Measures
Abstract
The CERT(registered trademark) Resilient Enterprise Management (REM) team is researching operational resilience and the organizational processes that support it. The team's first report, Measuring Operational Resilience Using the CERT(registered trademark) Resilience Management Model (CMU/SEI-2010- TN-030), defined high-level objectives for managing an operational resilience management system, demonstrated how to derive meaningful measures from those objectives, and presented a template for defining resilience measures. The team's second report, Measures for Managing Operational Resilience (CMU/SEI-2011-TR-019), suggested strategic measures for managing operational resilience and provided candidate measures for the 26 process areas of the CERT(registered trademark) Resilience Management Model, Version 1.1 (CERT(registered trademark)-RMM). This technical note describes how implementation-level processes can provide the necessary context for identifying and defining measures of operational resilience. While CERT-RMM defines the commonly used or best practices for operational resilience--what an organization should do--organization-specific processes must be defined at the implementation level to describe how to perform those practices. Organizations can then identify and define measures within the context of their specific processes and constituent procedures. Organizations can use the measures to evaluate process performance and operational resilience and identify opportunities for improvement. This technical note provides examples and templates for defining processes and procedures and for defining related assets and measures.
Document Details
- Document Type
- Technical Report
- Publication Date
- Dec 01, 2011
- Accession Number
- ADA610464
Entities
People
- Julia H. Allen
- Linda P. Gates
- Pamela D. Curtis
Organizations
- Carnegie Mellon University