With a couple of volunteers, work on the RA Methodology has been moving forward. I spent some of the last week working on the front and back of it, adding in the niceties like the license snippet, links to other risk assessment/management guides, etc...

As you would have no doubt seen, the Top Ten was released last week in an absolute media frenzy :) Great to get it out there and thanks to everyone who contributed. I think it serves as a good basic guideline and hopefully offers food for thought with...

Press Release for the ISM Top Ten List: ISM-Community Releases Top Ten for IT Security Management Worldwide community of information security managers cuts through the FUD to offer the fundamentals Washington, DC June 28 th , 2007 — The Non-Profit Information...

You might well notice some changes on the home page today. The portal hasn't really had much TLC for a while and its been hard to find things and participate. That is changing. Today I installed the enterprise email gateway. This allows you to subscribe...

With some coaching and Yahoo! Pipes non-wizardry (it's CISO-proof, all drag-n-drop programming), I have thrown together a combined blog feed that contains the feed for the "official" ISM-Community blog feeds plus the personal/work/$foo blogs...

"First we said it was too cold and that the fish were not feeding. Then we said it was too sunny and the fish were scared. Then we discovered that the fish had gone elsewhere. When we found the fish, we started casting to them with nice juicy baitfish...

Ciske van Oosten has agreed to take over the Policies and Standards project at the ISM Community. Ciske runs a great blog focused on policies and standards at http://infosec-risk.blogspot.com/ . The idea behind the Policies and Standards project is to...

I have just uploaded the ISM Community Top Ten Draft here . The intention of the T10 is to provide a short and concise awareness document. In the same genre as the SANS Top 20 and OWASP Top Ten it can be used by business managers as well as information...

Since my flurry of activity a week ago and subsequent blog posting and creation of new threads, the Identity and Privacy forum has been VERY quiet.... I am not sure if it's because there was just too much information posted at one time? Or because...

Hi, here comes the weekly update.... I am trying to post on during the weekend, but didn't make it this weekend. However I do have a very nice new home office that materialized over the weekend, so feeling it was pretty productive, means I have a...

We have a standard privacy policy donated by SourceClear. Check out the following http://www.ism-community.org/forums/t/551.aspx. And there have been some lively discussions concerning definitions on identity, identification, authentication and authorization...

Another top ten review... This time, the entire ISM top ten is being put into one overall document and into a bit more of a logical flow. I'm awating the esteemed members of the Steering Commitee to review and we will re-publish. Each individual item...

The summer is finally here in the South of France. Its 86 today and from this point until the end of Sept it should be sunny and hot. We had a few offers for some policy documents but sadly most had strings attached that meant they would not be suitable...

As you can see from the rolling titles on the front page of the ISM Community just getting agreement on simple terminology is not as simple as it could be. Thanks to some great contributions from ebreece, jason and dave we are starting to roll. I have...

Things are a little strange in the State of Queensland. We are on level 5 water restrictions meaning no car washing (suits me), 4 minute showers (thats 3.45 minutes over what I have anyway), I can't even put any more water in the swimming pool so...

The ISM Top Ten is now complete! All ten now uploaded for everyone's pleasure. Please check them out and give me your opinions.

Welcome to the Identity and Privacy Focus Area. I plan to blog post here weekly with news of progress for those that don't want to delve into the forums / mailing lists. You can subscribe to these updates via RSS at the side bar. A lot of research...

ISM-Community was originally created and the steering committee formed in Fall of 2006. During that time, one of our key activities was to come up with a list of projects that were worthwhile, and that list became somewhat of a direction for us to move...

Took some advice and have blasted 9 of the ISM Top Ten up for review. The 10th and final one, 'Make it easy for people to do the right thing (Polices and Proceudres Matter) will follow real soon.

I've just published the first guidline out of the ISM Top Ten as referenced in my previous blog post. Look forward to some feedback, in the meantime, I'll keep them coming on a weekly basis! TS.