ISO/IEC 21827

This article will address the topic of ISO/IEC 21827, a topic of great relevance and interest today. For a long time, ISO/IEC 21827 has captured the attention of specialists, researchers and the general public due to its impact on various aspects of society. Throughout the article, different perspectives, studies and reflections on ISO/IEC 21827 will be analyzed, with the aim of providing a comprehensive and enriching vision of the topic. In addition, possible solutions, advances and challenges related to ISO/IEC 21827 will be explored, with the intention of fostering dialogue and critical reflection around this highly important issue.

ISO/IEC 21827 (SSE-CMM – ISO/IEC 21827) is an international standard based on the Systems Security Engineering Capability Maturity Model (SSE-CMM) developed by the International Systems Security Engineering Association (ISSEA). ISO/IEC 21827 specifies the Systems Security Engineering - Capability Maturity Model, which describes the characteristics essential to the success of an organization's security engineering process, and is applicable to all security engineering organizations including government, commercial, and academic. ISO/IEC 21827 does not prescribe a particular process or sequence, but captures practices generally observed in industry. The model is a standard metric for security engineering practices covering the following:

  • Project lifecycles, including development, operation, maintenance, and decommissioning activities
  • Entire organizations, including management, organizational, and engineering activities
  • Concurrent interactions with other disciplines, such as system software and hardware, human factors, test engineering; system management, operation, and maintenance
  • Interactions with other organizations, including acquisition, system management, certification, accreditation, and evaluation.

References