Security Basics mailing list archives
Re: ISO/IEC 38500:2008 and impact on Security
From: "Meenal Mukadam" <meenal.mukadam () gmail com>
Date: Mon, 14 Jul 2008 10:42:07 +0530
Hello Veerargaloo,
From what I know about ISO/IEC 38500:2008 ISO/IEC 38500:2008 it is the
international standard for the corporate governance of information technology. In encourages the organizations to use appropriate standards to obtain their IT Governance objectives. And those being: 1) To establish responsibilities 2) Plan to best support organizations 3) Acquire information technology validly 4) Ensure performance when required 5) Ensure conformance with rules 6) Ensure respect for human factors Now the question is of the "Objectives" of the organization being Security focused or not. The Security appetite does vary from organization to organization. ISO/IEC 38500:2008's framework suggests principles for Directors to use when evaluating, directing and monitoring the use of IT in their organizations. According to this standard Information security is not the main focus but just the part of Information Technology. Board/Higher management's security appetite was and still is the biggest deciding factor. So again the Information Security in IT remains in the hands of two most influential factors. And those being Board & the Clients! Hence I see ISO/IEC 38500:2008 as an almost same standard just garnished in different Pallet. Kind Regards, Meenal A. Mukadam On Sat, Jul 12, 2008 at 1:03 PM, Veeraragaloo Maganathin <mmveeraragaloo () yahoo com> wrote:
Hi, I just need to find out from the group how they see the ISO/IEC 38500:2008 standard affecting Security moving forward? Excellence is never an accident; Its always the result of high intention, sincere effort, intelligent direction, skilful execution and the vision to see obstacles as opportunities ________________________________________________________________________________ Maganathin Marcus Veeraragaloo +27 84 777 7900 (South Africa) +234 70 3644 2684 (Nigeria) +234 70 57174586 (Nigeria)
-- Meenal A. Mukadam ------------------------------------------------------------- Far away there in the sunshine are my highest aspirations. I may/maynot reach them, but I can look up and see their beauty, believe in them and try to follow where they lead -------------------------------------------------------------
Current thread:
- ISO/IEC 38500:2008 and impact on Security Veeraragaloo Maganathin (Jul 12)
- Re: ISO/IEC 38500:2008 and impact on Security Meenal Mukadam (Jul 14)