20th February, 2015
CMMI Institute released a guide for improving processes for secure products with the name of Security by Design with CMMI for Development, Version 1.3. It was a constant need to develop and deliver secure applications but the processes in the organizations that were developed based on CMMI for Development Models were only concerned with SDLC Best Practices and were not having Security Related best practices. Keeping in view the need of the industry CMMI Institute developed this application guide.
This application guide provides guidance on improving the existing processes with security components. Application guide define a set of 04 additional process areas (PA) for CMMI for Development, Version 1.3 and these PAs integrate seamlessly with existing Process Management, Project Management, and Engineering process area categories of CMMI-DEV.
Overview of these four process areas with security best practices is given below:
With these processes areas Organization, Project Managers, Process Improvement Professionals and Security Experts can be sure of the security implementation in the products. These process areas can be used to check the Security implementation based on the Specific Practices defined in these process areas.
Previous Post
Changes in SCAMPI MDD V1.3bNext Post
As a CMMI Consultant, during CMMI consulting assignment, you may be asked about the benefits of CMMI related to Improvement in Schedule Targets, Post-Release Defect Density and Cost Savings to the End User. CMMI Consultants may answer this question by taking input from the post below:
Rajendra's LinkedIn Profile
Rajendra is a qualified and certified Lead Appraiser and Instructor for the following :
Rajendra is Lead Assessor for ISO 9001 (QMS), ISO 14001 (EMS), OHSAS 18001 (OHSMS) since 1994
International Automotive Task Force (IATF) approved Lead Assessor for Automotive Standard TS 16949:2009
Lead Assessor for ISO 27001 (ISMS) and ISO 20000-1 (ITSM)
Rajendra has 25 years experience in the industry.