One of the most important responsibilities of the information security professional (or any IT professional, for that matter) is to help management make well-informed decisions. Unfortunately, this has been an elusive objective when it comes to risk.
The Open Group SOA Governance Framework is now an International Standard, having passed its six-month ratification vote in ISO and IEC. According to Gartner, effective governance is a key success factor for Service-Oriented Architecture (SOA) solutions today and in the future.
Read more about a recently published Open Group guide titled “Optimizing ISO/IEC 27001 using O-ISM3” that is relevant to organizations using ISO27001/27002 as their Information Security Management System (ISMS).
Supply chain risk needs a clear focus if the concern is to be addressed. If everything is “a supply chain risk,” then we can’t focus our efforts and home in on a reasonable, achievable, practical and implementable set of practices that can lead to better supply chain practices for all, and a higher degree of confidence among purchasers.