Your global information security experts
Search for Vulnerabilities via
The National Vulnerability Database
IA-CMM Appraisal Services
Security Horizon currently holds a Cooperative Research and Development Agreement (CRADA) with the National Security Agency (NSA) for conducting INFOSEC Assurance Capability Maturity Model (IA-CMM) based appraisals for organizations that either conduct in-house INFOSEC Assurance assessments or provide this service for their customers. Further information on this program and the associated training courses can be found at the NSA IATRP website.
The IA-CMM for short, provides a standard CMM rating system for organizations conducting INFOSEC assessments and evaluations. With so many security service providers available to customers today, how can you differentiate yourself from your weaker competition? You've spent a lot of time and effort building robust, repeatable security methods and processes, but until the IA-CMM there was no means to truly show the customer how much better you really are.
It's important to note that an IA-CMM appraisal does not rate the quality of a company's end product to the customer. It, instead, measures the ability of that organization to provide consistent, repeatable results. This provides a customer with value by showing that past performance is repeatable and provides a level of confidence in the execution of activities. The basic signs for maturity within any offering are based on the elimination of single points of failure, the creation of documented and repeatable processes, and a clear understanding by the workforce of what the goals and processes are within the organization.
Security Horizon currently offers the following IA-CMM appraisal options for interested parties. If you find that you require further customization, please contact us at 866.544.6755 or info(at)securityhorizon[dot]com. See the legend below the matrix for more information.
| Appraisal Package Comparison Matrix | |||||
|---|---|---|---|---|---|
| 24x Bootcamp | 12x Bootcamp | CMM Prep | Pre Appraisal | Final Appraisal | |
| Diamond Appraisal Package |  |
|
|
|
|
| Platinum Appraisal Package | |
|
|
||
| Gold Appraisal Package | |
|
|
|
|
| Silver Appraisal Package | |
|
|
||
| Bronze Appraisal Package | |
|
|||
| Basic Plus Appraisal | |
|
|
||
| Basic Appraisal | |
||||
Legend
24x Bootcamp: 24 seats to the NSA IAM/IEM bootcamp, internal (private) course only12x Bootcamp: 12 seats to the NSA IAM/IEM bootcamp, internal (private) course only
CMM Prep: A one day course detailing the IA-CMM and how Security Horizon will conduct the Appraisal process utilizing the Continuous Appraisal Methodology (CAM)
Pre-Appraisal: A one week simulation of a Full Appraisal that will help you better understand how your current processes might score if you were rated today and what you need in order to achieve the profile you want
Final Appraisal: This is the actual IA-CMM Appraisal process that results in an IA-CMM profile rating from the National Security Agency