in
All Tags » Policies Standards (RSS)

Browse by Tags

  • Re: Roll out of Security Policies

    Mike, In my experience, one of the chief complaints I here about security policies (and indeed most organizational policies) is that they don't fit the industry, are created in a silo oblivious to the organizational & process touch-points that exist (the presence of converged or partially converged...
    Posted to Policies and Standards (Forum) by rkaeder on 10-22-2007

  • Re: Mapping Regulatory Requirements

    Hi, The compliance must be addressed on more level of abstraction, depending on the company roles that have to analyze the compliance results. It must be clear the goal, for each function in the company. Tipically the roles involved are: - CxO - Security Management - Operations The following elements...
    Posted to Policies and Standards (Forum) by Paolo Ottolino on 08-09-2007

  • Re: ISO Standards - Whats the Future?

    Hi mcurphy. Well, what can I say? I'm a committed fan of the ISO27k standards and will happily support any initiatives that will help spread the word about them, encourage people to read and use them, and ideally contribute to their further development. I set up www.ISO27001security.com two years...
    Posted to Policies and Standards (Forum) by NoticeBored on 06-28-2007

  • Re: Best Writing on Policies and Standards

    Ed, FYI, both Vivek and I work as consultants and have previously been with large corporations as employees that wrote and implemented security policy. I agree there is a big difference between writing, publishing, owning and maintaining policies, but I'm not sure why you pointed that out. They main...
    Posted to Policies and Standards (Forum) by Jason on 05-21-2007

  • Re: Common Criteria - ISO standard

    A major problem that I currently see consistently is the mix of policies, procedures, and standards all in one document. I think before starting the policy framework as a group we need to have solid definitions for each of these terms. We should also develop a top 10 list of items that must be documented...
    Posted to Policies and Standards (Forum) by Jason on 05-08-2007

  • Re: The Problems with Policies and Standards

    [quote user="tthomas"]Frankly, there are not many people who look forward to writing, or are qualified to write policies and standards, so one big issue is "who will write them?" Modest to large sized organizations all need them, but rarely have someone who can actually write them...
    Posted to Policies and Standards (Forum) by mcurphey on 05-01-2007

  • Re: The Problems with Policies and Standards

    Frankly, there are not many people who look forward to writing, or are qualified to write policies and standards, so one big issue is "who will write them?" Modest to large sized organizations all need them, but rarely have someone who can actually write them professionally. Short of hiring...
    Posted to Policies and Standards (Forum) by tthomas on 05-01-2007

  • The Problems with Policies and Standards

    One of the projects I have want to do for a long time is to develop and release a good set of policies and standards for free. I plan to do the heavy lifting here and hopefully recruit a few good folks who will join me in writing. I know several sets exist like at SANS but IMHO they leave a lot to be...
    Posted to Policies and Standards (Forum) by mcurphey on 04-30-2007
Page 1 of 1 (8 items)
All Rights Reserved - The ISM-Community
Powered by Community Server (Commercial Edition), by Telligent Systems