■
The Building Security In Maturity Model (BSIMM)
http://bsimm2.com/
53ページあるドキュメント。体系だっている。
The Building Security In Maturity Model (BSIMM, pronounced “bee simm”) is designed to help you understand, measure, and plan a software security initiative. The BSIMM was created by observing and analyzing real-world data from thirty leading software security initiatives. The BSIMM can help you determine how your organization compares to other real-world software security initiatives and what steps can be taken to make your approach more effective.
