July 21st, 2008
Complexity and change pervade today’s organizations. Organizational and technology components that must work together may be created, managed, and maintained by different entities. Net-centric operations and service-oriented architectures will push this trend further, increasing the layers of people, processes, and systems. Existing analysis mechanisms do not provide a way to:
(1) focus on challenges arising from integrating multiple systems,
(2) consider architecture tradeoffs carrying impacts beyond a single system, and
(3) consider the linkage of technology to critical organizational functions.
Robert J. Ellison,
John Goodenough,
Charles Weinstock,
Carol Woody
http://www.sei.cmu.edu/publications/documents/08.reports/08tr008.html
200807 analysis architecture business continuity
Posted in Article | Comments Off
April 22nd, 2008
The Carnegie Mellon Software Engineering Institute (SEI) CERT Program, together with the Financial Services Technology Consortium (FSTC), today announced the availability of the CERT® Resiliency Engineering Framework. This framework provides a comprehensive roadmap that enables organizations of all sizes to establish, manage, and evaluate operational resiliency which encompasses both security and business continuity.
The CERT Resiliency Engineering Framework (REF) embodies methods and guidelines that have been developed and proven in practice over the last 20+ years by the SEI, combined with security and business continuity expertise gained through the SEI’s collaboration with FSTC.
“Our collaboration with FSTC over the past couple of years has enabled the SEI to develop and release a roadmap specifically designed for organizations to be flexible and straightforward to implement across all sizes of enterprises and their suppliers,” said Rich Caralli, technical lead for the CERT REF project. “REF is based not only on our own experience. FSTC provided us with unparalleled access to some of the best practitioners in the security and business continuity space.”
“Operational resiliency and effective risk management continue to be a priority for all of us in the financial services industry,” said Dan Schutzer, Executive Director of the Financial Services Technology Consortium. “The Resiliency Engineering Framework provides a compelling new tool to measure and improve resiliency for organizations and their suppliers.”
The framework consists of over 20 comprehensive capability modules, giving organizations the flexibility to implement as few or as many as their needs and strategies require. Benchmarking against the framework will help organizations optimize their operational resiliency investments, make objective peer-to-peer comparisons in their industry sector, and select capable third-party suppliers.
http://www.sei.cmu.edu/about/press/releases/refmodel.html
200804 business continuity framework reliability security SEI
Posted in News | Comments Off