How to assess maturity of national and governmental CSIRTs
Published on January 11, 2016
Nowadays the role and functions of national and governmental CSIRTs are expanding and growing, so teams must keep up with newly created demands and expectations. Improving maturity allows teams to constantly enhance their capabilities.
The report focuses on CSIRT maturity, and the Trusted Introducer certification scheme for CSIRTs as an indicator of the maturity level of teams. The assessment parameters covered are described from a dual perspective:
- of the team that is preparing for the certification process
- of teams that have already undergone certification and even recertification
The aim of this document is to be a guiding tool for those national and governmental CSIRTs which are considering reaching the next level of maturity and good understanding of their capabilities.
The motivation for national and governmental CSIRTs to gain certification is attributed to the following:
- to evaluate CSIRT organisation against international criteria
- to an external drive to understand, document and put in order processes within the CSIRT team
- to establish or put in order auditing, accountability and reporting schemes
- to implement continuous improvement in a quality management framework
- for public relations both locally, towards the supervising institutions, and internationally, to demonstrate the ‘country’s CSIRT level’.
Full report is available online.
For more on the subject matter please contact cert-relations (at) enisa.europa.eu
For interviews and press enquiries please contact: press@enisa.europa.eu
Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!
News items:
http://www.enisa.europa.eu/media/news-items/news-wires/RSS
PRs:
http://www.enisa.europa.eu/media/press-releases/press-releases/RSS