Skip to main content

Online information provided for stakeholders' consumption

It must relay the true meaning and real application necessary in the physical world. We have probably all experience how to learn first thing about our plans before we go ahead and act. Like for instance, when we order something online, attend to some responsibilities for our organizations, communicate with people via video, chat and email including but not limited to asking stakeholders, very politely and sincerely, if there's anything else we can do to help further. This online environment must make us work to facilitate and relay exactly what we expect and do in the physical world. What the online information is telling us should be enough to readily make a decision and act accordingly. This is especially true when people have to do it themselves, read relevant information and will go there, say store, or anywhere else, to perform the chores required.  We cannot provide information online, when customers expect them to be a guideline or instruction to do something, that we know
Post a Comment

ISO/IEC 27003:2010 ISMS' implementation guidance

It is new and got published 13 Feb 2010! This standard, accordingly, focuses on the critical aspects needed for successful design and implementation of an Information Security Management System (ISMS) in accordance with ISO/IEC 27001:2005. It describes the processes of ISMS specification and design from inception to the production of implementation plans, obtaining management approval to implement an ISMS, defines a project to implement an ISMS and provides guidance on how to plan the ISMS project, resulting in a final ISMS project implementation plan.

The ISMS or ISO/IEC 27000 family composition:
- 27000 is overview and vocabulary (can be downloaded here for free);
- 27001 is requirements;
- 27002 is code of practice;
- 27004 is measurement;
- 27005 is IS risk management;
- 27006 is requirements for bodies providing audit and certification;
- 27011 is guidelines for the telecommunications industry.

The above are published documents and more from this family of standards are still in development stages.

Comments

Post a Comment

Popular posts from this blog

[TW] IT documents, audit and leaders

IT documents comes with different names such as the following: - Manual or handbook, - Policies and procedures, - Management systems, - Project plans. In the real world we have various names with unique descriptions and purposes when in fact they could be made to do a uniform direction for which actions are based for the entire IT initiatives, probably the longest in IT lifecycle is operation. The problem is our inclination on something else which is wrong. IT remains an IT area. Business remains a business area. The same problem is carried out when we conduct IT audit. Most audit are missing the gists in which IT is being used by businesses. We once said that an effective IT audit is conducted by IT people themselves but there is something wrong with that even. Business and accounting people have been doing it with a different bias and preconceived notions which doesn't make the cut for IT direction and audit respectively. Leaders play the same game and so the problem continues an
1 comment
Continue Reading

[TW] Customers' trust and domains outside of internet's root

We all consider ourselves customers. Those who own businesses are customers even of their own. When we talk about the utility of technology, we often use customers to refer to our colleagues and some stakeholders that were provided access to our enterprise system. In business, customers are those who acquire and engage our products and services, respectively. Customers' trust is achieved and retained when we meet the expectations of our colleagues, stakeholders and the buyer of our products, services and ideas. Not only that we have assured them of those expectations in the contract or terms and conditions including some form of agreement but we attend to them sincerely when they need help. Giving them almost everything they need to form a decision. The experience must not be shallow and pretentious or they would notice whatever motive there is in between. Customers' trust is build not by the customers alone, just because we kept their experience up to their standards or we str
Post a Comment
Continue Reading