Innovation can make huge leaps in societal quality of life and benefit for all; but with every advance there can be counterproductive and emergent issues that result which may be detrimental to markets. Without standards in areas that enable trade exchange, markets would be fragmented, limiting potential growth and evolution of new opportunities.
The challenge is to position standards and policies to use standards in a way that establish and enable products, services and markets to be created or developed. The Open Group does just that.
When The Open Group develops a new standard, we take an end-to-end view of the ecosystem all the way through from customer requirements, developing consensus standards to certification and procurement. We aim to deliver standards that meet a need in the marketplace and then back those up with certification that delivers an assurance about the products or in the case of people certification, their knowledge or skills and experience. We then take regular feedback on our standards, maintain them and evolve them according to marketplace needs.
O-ISM3 can be implemented as a top-down methodology to manage an entire information security program, or it can be deployed more tactically, starting with just a few information security processes. As such, it can deliver value to information security organizations of varying sizes, maturity levels, and in different industries.
The Open Group Conference, San Diego: I’ve found these conferences over the past five years an invaluable venue for meeting and collaborating with CIOs, enterprise architects, standards stewards and thought leaders on enterprise issues. It’s one of the few times when the mix of technology, governance and business interests mingle well for mutual benefit.
Business decision makers aren’t interested in the details, but they want to know important IT decisions being made in their business are in the hands of true professionals. Certification verifies the qualities and skills IT executives have with regards to the effective deployment, implementation and operation of IT solutions.