One of the most important responsibilities of the information security professional (or any IT professional, for that matter) is to help management make well-informed decisions. Unfortunately, this has been an elusive objective when it comes to risk.
Tag: ISO standard
The Open Group SOA Governance Framework Becomes an International Standard
The Open Group SOA Governance Framework is now an International Standard, having passed its six-month ratification vote in ISO and IEC. According to Gartner, effective governance is a key success factor for Service-Oriented Architecture (SOA) solutions today and in the future.
Optimizing ISO/IEC 27001 Using O-ISM3
Read more about a recently published Open Group guide titled “Optimizing ISO/IEC 27001 using O-ISM3” that is relevant to organizations using ISO27001/27002 as their Information Security Management System (ISMS).
The Trusted Technology Forum: Best practices for securing the global technology supply chain
Supply chain risk needs focus to be able to address the concern. If everything is “a supply chain risk,” then we can’t focus our efforts and home in on a reasonable, achievable, practical and implementable set of practices that can lead to better supply chain practices for all, and a higher degree of confidence among purchasers.