This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Which additional alignments could be made to the SOC-CMM
(02-20-2019, 02:12 PM)robvanos Wrote: The SOC-CMM is currently aligned with NIST CSF 1.0 and NIST CSF 1.1. Indirectly, this connects the SOC-CMM to other standards, such as: COBIT 5, ISO/IEC 27001:2013 and NIST SP 800-536. What additional alignments could be valueable to the SOC-CMM community?
Imho any alignment analysis with other practice-based frameworks is rather meaningless. It would only illustrate redundancies and blanks between these frameworks.
Instead, I would recommend to cross-reference the framework with a method that describes a management system.
If you would also cross-reference the other frameworks with that same method, you would have an impartial reference point. THAT would make 'alignment' of cross-referencing meaningful.

If you would try this with e.g. the USM method (Unified Service Management), you would find astonishing results for all involved frameworks...

Messages In This Thread
RE: Which additional alignments could be made to the SOC-CMM - by jvbon - 08-16-2019, 09:10 AM

Forum Jump:

Users browsing this thread: 1 Guest(s)