Innovation can make huge leaps in societal quality of life and benefit for all; but with every advance there can be counterproductive and emergent issues that result which may be detrimental to markets. Without standards in areas that enable trade exchange, markets would be fragmented, limiting potential growth and evolution of new opportunities.
If you have responsibility for managing compliance in your organization, or if you are a vendor whose software product involves compliance or security configuration management, we invite you to learn more about The Open Automated Compliance Expert Markup Language (O-ACEML) standard.
The challenge is to position standards and policies to use standards in a way that establish and enable products, services and markets to be created or developed. The Open Group does just that.
When The Open Group develops a new standard, we take an end-to-end view of the ecosystem all the way through from customer requirements, developing consensus standards to certification and procurement. We aim to deliver standards that meet a need in the marketplace and then back those up with certification that delivers an assurance about the products or in the case of people certification, their knowledge or skills and experience. We then take regular feedback on our standards, maintain them and evolve them according to marketplace needs.
O-ISM3 can be implemented as a top-down methodology to manage an entire information security program, or it can be deployed more tactically, starting with just a few information security processes. As such, it can deliver value to information security organizations of varying sizes, maturity levels, and in different industries.