PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
June 2004

Six Sigma and CMM models offer security best practices

When Al Schmidt joined Arch Chemicals as CIO in 1997, security wasn't the first thing on his mind; IT survival was. The legacy mainframe system was shaky, and the company wanted to implement SAP on top of it. "We didn't have the skills and organization to be able to manage what we had," Schmidt says. Six Sigma was the key to improving Arch's IT systems and, ultimately, the company's security. Only 20 percent of corporate infosecurity departments are pursuing formal management methodologies; the remaining 80 percent continue to use ad hoc, unfocused approaches. , Schmidt, who learned about the Six Sigma continuous improvement methodology as an engineer, brought discipline to IT and eventually expanded it to infosecurity. "People began to get the idea that 'it isn't enough for me to succeed. I'm going to be totally dependent on my neighbor succeeding, and if he or she doesn't succeed, I'm going to fail and I'll feel it in the pocketbook,'" Schmidt says. Everything started with business objectives: Keep the operations running and ...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue