CERT-RMM is a maturity model that promotes the convergence of security, business continuity, and IT operations activities to help organizations manage operational resilience and risk.
CERT-RMM V1.0 is available as a free download. This version provides useful information about the model and its contents, but does not include important information on model use and adoption, or updated information from field use and piloting. CERT-RMM appraisals do not use this version of the model.
Version 1.1 of the CERT-RMM was published in a book by Addison-Wesley Professional in December 2010. The book introduces CERT-RMM concepts and presents the model in itsentirety. All CERT-RMM appraisals are based on V1.1, which is considered the official current version of the model.
The CERT Division is currently performing capability appraisals using the CERT Resilience Management Model as a foundation. Capability appraisals are an objective way to determine your organization's current level of capability for managing operational resilience based on the model's capability level scale.
Several training courses related to CERT-RMM are available, including introductory and advanced CERT-RMM topics.