Skip to main content

Jobs we observed in a system performance

They are made either any of the following- - Tech job, - Business job, - Nut job, or - Enterprise job. What's yours? Can you do it better from your existing drive? Whatever you do, your output should facilitate not just your organization's goal but a little more than what you originally planned. Leaders usually kept them in the mind, so subtle only them knows it, but with some useful and delicate strategies employed people really are doing a good job, and working to improve them, too. That's the beginning why corporate social responsibility, or even the consequential environmental, social and governance initiatives can be a potent move to do something, if pertinent or weighty is even the right word. That doesn't need an ostentatious resources but the effect is meaningful for stakeholders, everyone we meant.

ISO/IEC 27003:2010 ISMS' implementation guidance

It is new and got published 13 Feb 2010! This standard, accordingly, focuses on the critical aspects needed for successful design and implementation of an Information Security Management System (ISMS) in accordance with ISO/IEC 27001:2005. It describes the processes of ISMS specification and design from inception to the production of implementation plans, obtaining management approval to implement an ISMS, defines a project to implement an ISMS and provides guidance on how to plan the ISMS project, resulting in a final ISMS project implementation plan.

The ISMS or ISO/IEC 27000 family composition:
- 27000 is overview and vocabulary (can be downloaded here for free);
- 27001 is requirements;
- 27002 is code of practice;
- 27004 is measurement;
- 27005 is IS risk management;
- 27006 is requirements for bodies providing audit and certification;
- 27011 is guidelines for the telecommunications industry.

The above are published documents and more from this family of standards are still in development stages.

Comments

Popular posts from this blog

Philippine telcos blocking entire SMS text with internet addresses in it

If you are sending SMS texts to your friends, family or colleagues and they contain internet or web address including IP and email addresses, and even a period or dot separating, regardless of, your words and numbers, they are automatically blocked and not going to be received by your waiting recipient. Cooler heads must prevail here especially if an important message is urgently being expected. IP version 6 address is fine. However, an IPv4 including localhost address (given automatically to every computers and network interfaces as their own alone designed for troubleshooting purposes), and your money in the billion figure using dot as separators would be blocked.  If you send "local.business, naman.naman etcetera" or any words that made you use dot in between them, as part of the text, they will be blocked. There are some, that isn't blocked in this category. Like check.iclassed, some.ent, whatever.local etcetera, that is because they do not form any domain name at all

Online information provided for stakeholders' consumption

It must relay the true meaning and real application necessary in the physical world. We have probably all experience how to learn first thing about our plans before we go ahead and act. Like for instance, when we order something online, attend to some responsibilities for our organizations, communicate with people via video, chat and email including but not limited to asking stakeholders, very politely and sincerely, if there's anything else we can do to help further. This online environment must make us work to facilitate and relay exactly what we expect and do in the physical world. What the online information is telling us should be enough to readily make a decision and act accordingly. This is especially true when people have to do it themselves, read relevant information and will go there, say store, or anywhere else, to perform the chores required.  We cannot provide information online, when customers expect them to be a guideline or instruction to do something, that we know

Philippine cyber campaign

Are Philippine institutions being targeted or simply being probed? We don't know for certain. It could be either or both. Whichever comes first? What we can understand, with the success of such attacks, is that they have found their way. Really.   How hard or easy? The attacker knows, but probably, also, those being attacked. Inclination should be there no matter how sophisticated our security systems are. In cybersecurity, we do a very focused job. Making sure we disappoint whoever is trying to gain access to any resource without permission and authority regardless of the environment we are in. What happened is that every asset deemed to have every variant of resource built-in, operating, that makes up the entire system working whatever it is trying to employ, in that case the primary purpose. Meaning, we have to know if we are running our system in a manner that is really secure, provisioned properly during design stage and managed continuously afterwards, post-implementation. No