|
CMMI Practice Area |
Relevant ISO Model |
|
Configuration Management (CM) |
ISO 10007: Quality Management Systems - Guidelines for Configuration Management |
|
Data Management (DM) |
ISO/IEC 27001: Information Security Management Systems |
|
Process Quality Assurance (PQA) |
ISO 9001: Quality Management Systems |
|
Risk and Opportunity Management (RSK) |
ISO 31000: Risk Management Guidelines |
|
Incident Resolution and Prevention (IRP) |
ISO/IEC 20000: IT Service Management |
|
Governance (GOV) |
ISO 38500: Corporate Governance of IT |
|
Organizational Training (OT) |
ISO 10015: Guidelines for Training |
|
Decision Analysis and Resolution (DAR) |
ISO 31000: Risk Management Guidelines |
|
Continuity (CONT) |
ISO 22301: Business Continuity Management Systems |
|
Enabling Security (ESEC) |
ISO/IEC 27001: Information Security Management Systems |
|
Enabling Safety (ESAF) |
ISO 45001: Occupational Health and Safety Management Systems |