If you have responsibility for managing compliance in your organization, or if you are a vendor whose software product involves compliance or security configuration management, we invite you to learn more about The Open Automated Compliance Expert Markup Language (O-ACEML) standard.
The beauty of the O-TTPF, a set of best practices for engineering and secure development methods and supply chain integrity, is that the Framework and guidelines are being developed by industry — architects, developers, manufacturers and supply chain experts, with input from government(s) — for industry. The fact that these best practices will be open, international, publically available and translated where appropriate, will allow all providers to understand what they need to do to “Build with Integrity” – so that customers can “Buy with Confidence”.
As the IT environment has changed significantly over the past several years, members of the Security Forum saw a need to revisit the document, Enterprise Security Architecture, and to update the guidance contained in it to address changes including mobile device security, and new categories of security controls such as data loss prevention. Learn about the new download here.
The Open Group set up three informal Twitter polls this week during The Open Group Conference, London. What do you think of our informal poll results? Do you agree? Disagree? And why?
As the IT media is dominated by stories on Cloud and cyber-security, it will be refreshing to debate these in an open environment at The Open Group Conference, London, and discuss the many challenges we all face in navigating an increasingly complex IT world. I’d love to hear your views on the type of questions you’d like answered and any particular issues you feel passionate about.
O-ISM3 can be implemented as a top-down methodology to manage an entire information security program, or it can be deployed more tactically, starting with just a few information security processes. As such, it can deliver value to information security organizations of varying sizes, maturity levels, and in different industries.