When The Open Group develops a new standard, we take an end-to-end view of the ecosystem all the way through from customer requirements, developing consensus standards to certification and procurement. We aim to deliver standards that meet a need in the marketplace and then back those up with certification that delivers an assurance about the products or in the case of people certification, their knowledge or skills and experience. We then take regular feedback on our standards, maintain them and evolve them according to marketplace needs.
O-ISM3 can be implemented as a top-down methodology to manage an entire information security program, or it can be deployed more tactically, starting with just a few information security processes. As such, it can deliver value to information security organizations of varying sizes, maturity levels, and in different industries.
Entitled “Just enough EA”, a set of case studies has been published by the Joint Information Systems Committee (JISC), made up of senior managers, academics and technology experts working in UK further and higher education.
In a previous article, “Cloud Computing requires Enterprise Architecture and TOGAF 9 can show the way,” I described the need to define a strategy as an additional step in the TOGAF 9 Preliminary Phase. This article describes in more detail what could be the content of such a document, specifically, what are the governance activities related to the Consumption and Management of Cloud Services.
Specific to IT security, the world is indeed flat, and the threats being faced as well as the security concerns and approaches in India and UAE mirror those in the US, Europe, and elsewhere.
The emergence of service platforms and services enabled by the Cloud and its pervasiveness into social media and social networks underpinned by Cloud infrastructure and data centers; platforms enabling or launching other platforms. What does the future hold?