11 years, 27 days ago

Improving Signal-to-Noise in Risk Management

One of the most important responsibilities of the information security professional (or any IT professional, for that matter) is to help management make well-informed decisions. Unfortunately, this has been an illusive objective when it comes to risk. Continue reading

11 years, 4 months ago

The Open Group SOA Governance Framework Becomes an International Standard

The Open Group SOA Governance Framework is now an International Standard, having passed its six month ratification vote in ISO and IEC. According to Gartner, effective governance is a key success factor for Service-Oriented Architecture (SOA) solutions today and in the future. Continue reading

11 years, 6 months ago

Optimizing ISO/IEC 27001 Using O-ISM3

Read more about a recently published Open Group guide titled “Optimizing ISO/IEC 27001 using O-ISM3” that is relevant to organizations using ISO27001/27002 as their Information Security Management System (ISMS). Continue reading →

13 years, 2 months ago

The Trusted Technology Forum: Best practices for securing the global technology supply chain

Supply chain risk needs focus to be able to address the concern. If everything is “a supply chain risk,” then we can’t focus our efforts and hone in on a reasonable, achievable, practical and implementable set of practices that can lead to better supply chain practices for all, and a higher degree of confidence among purchasers. Continue reading