CISSP – Information Systems Security Management Professional (ISSMP) — Question 55
James works as a security manager for SoftTech Inc. He has been working on the continuous process improvement and on the ordinal scale for measuring the maturity of the organization involved in the software processes. According to James, which of the following maturity levels of software CMM focuses on the continuous process improvement?
Answer options
- A. Repeatable level
- B. Defined level
- C. Initiating level
- D. Optimizing level
Correct answer: D
Explanation
The Optimizing level in the CMM framework is dedicated to continuous process improvement, emphasizing the need for ongoing enhancements. The Repeatable and Defined levels focus more on establishing and documenting processes rather than continuous improvement, while the Initiating level is primarily concerned with the initial adoption of processes.