Policy, Standards, Regulations & Compliance
Outsourcing Guide and Common Assessment Criteria Mar 03 2007 01:19PM
Mark Curphey (mark curphey com)
Two interesting projects are gathering steam at the ISM-Community.

Information Security Outsourcing Guide - Outsourcing security is here to
stay, like it or not. We are lucky enough to have two volunteers who
understand a great deal about the business of outsourcing and the security
implications. They have been both consumers and providers. They are
collaborating to create a guide for Information Security Outsourcing. An
initial forum has been set up here and the project is looking for volunteers
to contribute. The project leaders are Bill Hau and Stuart King.

http://www.ism-community.org/forums/42/ShowForum.aspx

Service Provider Assessment Criteria - several people have expressed
frustration at the amount of duplication and inconsistency they go through
on a regular basis when dealing with service provider assessments. BITS has
a good standard format but other industries are no represented and BITS
tends to be US focused. This project will create a common set of criteria
from which to evaluate 3rd parties. Again an initial forum has been set up
here and the project is looking for volunteers to contribute. The project
leader is Doug Markiewicz.

http://www.ism-community.org/forums/43/ShowForum.aspx

Both projects will work on a plan in the next week or so.

Please consider getting involved and shaping these projects by either
directly contributing with

Work you have already done that can be reused
Writing documentation
Sharing your thoughts on the forums

Cheers,

Mark Curphey
Blog - http://www.securitybuddha.com
Fun - http://www.securitybullshit.com
Community - http://www.ism-community.org

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus