I know it's a little tangential, but I always equate these methodologies
with Systems Security Engineering Capability Maturity Model (SSE-CMM).
If you're into the whole Six Sigma/DMAIC approach, it's fairly easy to
incorporate elements of SSE-CMM.
http://www.sse-cmm.org/index.html
HTH
--Mike
Michael J Smith, CISSP-ISSEP michael.j.smith (at) unisys (dot) com [email concealed]
Information Security Architect
703.419.3109 W
491.3109 N
703.855.0890 C
"Those who do not understand Unix are condemned to reinvent it, poorly."
--Henry Spencer
> -----Original Message-----
> From: thomas.jones (at) hushmail (dot) com [email concealed] [mailto:thomas.jones (at) hushmail (dot) com [email concealed]]
> Sent: Monday, January 30, 2006 10:58 AM
> To: psrc (at) securityfocus (dot) com [email concealed]
> Subject: Process Improvement for Security
>
> In line with my last post can anyone point me to a resource or does
> anyone have any opinions on applying Six Sigma, balanced scorecards
> or other business process techniques to information security ?
>
>
>
> Concerned about your privacy? Instantly send FREE secure email, no
account
> required
> http://www.hushmail.com/send?lH0
>
> Get the best prices on SSL certificates from Hushmail
> https://www.hushssl.com?lH5
with Systems Security Engineering Capability Maturity Model (SSE-CMM).
If you're into the whole Six Sigma/DMAIC approach, it's fairly easy to
incorporate elements of SSE-CMM.
http://www.sse-cmm.org/index.html
HTH
--Mike
Michael J Smith, CISSP-ISSEP michael.j.smith (at) unisys (dot) com [email concealed]
Information Security Architect
703.419.3109 W
491.3109 N
703.855.0890 C
"Those who do not understand Unix are condemned to reinvent it, poorly."
--Henry Spencer
> -----Original Message-----
> From: thomas.jones (at) hushmail (dot) com [email concealed] [mailto:thomas.jones (at) hushmail (dot) com [email concealed]]
> Sent: Monday, January 30, 2006 10:58 AM
> To: psrc (at) securityfocus (dot) com [email concealed]
> Subject: Process Improvement for Security
>
> In line with my last post can anyone point me to a resource or does
> anyone have any opinions on applying Six Sigma, balanced scorecards
> or other business process techniques to information security ?
>
>
>
> Concerned about your privacy? Instantly send FREE secure email, no
account
> required
> http://www.hushmail.com/send?lH0
>
> Get the best prices on SSL certificates from Hushmail
> https://www.hushssl.com?lH5
[ reply ]