Comments on: Next SAMM release coming this week http://www.opensamm.org/2009/03/next-samm-release-imminent/ A guide to building security into software development Sun, 22 Aug 2010 05:40:41 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: chandra http://www.opensamm.org/2009/03/next-samm-release-imminent/comment-page-1/#comment-19 chandra Mon, 30 Mar 2009 20:26:59 +0000 http://www.opensamm.org/?p=82#comment-19 Awesome, your help would be greatly appreciated! Part of the future plans are to create mappings from SAMM into several different existing standards and COBIT is definitely on the list. The goal was to mark each maturity level with some information about the related sections (and perhaps compile these into a new document like "Using SAMM with COBIT" and write a little introduction and supporting materials). Please let me know anything I can do to help! For other future development items, I'll be putting together a list on this site and go over them on the email discussion list, so hop on that too (it's low traffic). Thanks! Awesome, your help would be greatly appreciated! Part of the future plans are to create mappings from SAMM into several different existing standards and COBIT is definitely on the list. The goal was to mark each maturity level with some information about the related sections (and perhaps compile these into a new document like “Using SAMM with COBIT” and write a little introduction and supporting materials). Please let me know anything I can do to help!

For other future development items, I’ll be putting together a list on this site and go over them on the email discussion list, so hop on that too (it’s low traffic).

Thanks!

]]> By: Dave (aka Security Ninja) http://www.opensamm.org/2009/03/next-samm-release-imminent/comment-page-1/#comment-18 Dave (aka Security Ninja) Mon, 30 Mar 2009 11:04:13 +0000 http://www.opensamm.org/?p=82#comment-18 Hi, I wondered whether you guys had considered mapping your maturity levels to those of governance frameworks such as COBIT? I would be happy to help on that if you want to proceed with it. I will be doing this internally at work so I can use models such as SAMM and ISM3 for specific areas of security and then map the maturity levels (already done for ISM3) to COBIT for management because we use that for overall IT governance. Let me know what you think. Dave Hi,

I wondered whether you guys had considered mapping your maturity levels to those of governance frameworks such as COBIT?

I would be happy to help on that if you want to proceed with it. I will be doing this internally at work so I can use models such as SAMM and ISM3 for specific areas of security and then map the maturity levels (already done for ISM3) to COBIT for management because we use that for overall IT governance.

Let me know what you think.

Dave

]]>