HOME - NEWS EVENTS - MAILING LISTS - OPST/OPSA TRAINING & EXAMS - ABOUT US - CORE TEAM - MEDIA KIT - CONTACT - OPEN LICENSES 




 


 
  TEAM ACCESS
     Beta Releases
     Gold Team Updates

  PROJECTS & RESEARCH
     Business Integrity Testing
     Compromise Detection
     Jack of All Trades
     Hacker Highschool
     Hacker's Profiling Project
     Protocol Database
     Security Incident Policy Enforcement
     Security Metrics
     Security Maturity Model
     Secure Programming
     Security Testing Methodology
     Software Quality Testing
     Security Tools
     Trusted Computing
     XML
     Graduate Projects

  ACCREDITED TRAINING
     ISESTORM Event 
     OPSA - Security Analyst 
     OPST - Security Tester 
     OPSE - OSSTMM Expert 
     OWSE - OSSTMM Wireless Expert 
     Hacker Highschool Teacher
     Training Material Accreditation 
     Trainer & Training Certification
     Training & Exam Schedule

  ASSOCIATIONS 

     ISECOM Associates
     ISECOM Affiliates
     ISECOM Partners
     ISECOM Auditors
     Sponsors

  SERVICES 

     Security Test Review
     Gold/Silver Subscriptions 
ISECOM - Institute for Security and Open Methodologies

www.isecom.org - PROJECTS & RESEARCH - SOMA

SOMA - Security Operations Maturity Architecture

SOMA (Security Operations Maturity Architecture) offers a new approach to defining security operations and management processes. Originally designed to fill the need for a simple and widely applicable quality standard for ISM systems, SOMA provides a framework for easily structuring and accurately measuring operational security and management process.

As a maturity model, SOMA provides an architecture model applicable at any security maturity level of any size organization. SOMA can be applied cleanly with high sophistication to assure business objectives are specifically tailored to security design, implementation, operations, management, procurement, and assurance processes.

SOMA is both logical and comprehensive for organizations already using standards such as COBIT, ITIL, CMMI, ISO17799, ISO27001, OCTAVE, and the OSSTMM. It is structured into maturity levels based on operational security metrics so that organizations can choose an appropriate level for their business and move in stages towards it.

This project's goals are to maximize ability for roll-out and to defy antiquating itself while allowing to certify under a specific security maturity level. As technology and process studies provide greater insight to business with each passing year, it has become important for ISECOM methodologies to avoid the necessity of product-based methods, traditional risk analysis which requires constant upkeep of threat assessment, vulnerability assessment, and asset values, and best practices which are not specific to the organization applying it.

For those looking for a security maturity model, need a certifiable security management process, or require a comprehensible method for structuring security processes, the SOMA project will provide the answer.

For those looking for ISM3:

The ISECOM ISM3 maturity model (Information Security Management Maturity Model) has been expanded into SOMA. This name change and project re-structuring will provide an improved approach to security management maturity. Converging technologies and processes, current ISM systems are no longer simply classifiable as ISM. Due to the inherent limitations imposed within ISM3, the maturity model is being broadened to apply to operations and reach beyond information security.

If you are interested in helping with this project please contact us at soma<at>isecom.org

20213 visits (2 today, 15 this week)

 

 

Formerly the Ideahamster Organization - www.isecom.org - www.osstmm.orgwww.hackerhighschool.org - www.isestorm.org
 If you have any comments, questions, or to note broken links on this website send e-mail to the Webmaster. 
 All contents copyright © 2000 - 2006 - ISECOM - Institute for Security and Open Methodologies. All rights reserved.