Overview
The SOC-CMM model is a capability maturity model that can be used to perform a self-assessment of your Security Operations Center (SOC). The model is based on review conducted on literature regarding SOC setup and existing SOC models as well as literature on specific elements within a SOC. The literature analysis was then validated by questioning several Security Operations Centers in different sectors and on different maturity levels to determine which elements were actually in place. The output from the survey, combined with the initial analysis is the basis for this self-assessment.
For more information regarding the scientific background and the literature used to create the SOC-CMM self-assessment tool, please refer to the thesis document as available through: https://www.soc-cmm.com/
The purpose of the SOC-CMM is to gain insight into the strengths and weaknesses of the SOC. This enables the SOC management to make informed decisions about which elements of the SOC require additional attention and/or budget. By regularly assessing the SOC for maturity and capability, progress can be monitored.
Besides the primary purpose of performing an assessment of the SOC, the assessment can also be used for extensive discussions about the SOC and can thus provide valuable insights.
This tool is intended for use by SOC and security managers, experts within the SOC and SOC consultants.