Jump to content

Search the Community

Showing results for tags 'ISO'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Categories

  • Founder
  • Platinum
  • Gold
  • Silver
  • Partners

Forums

  • Framework 101
    • Webseries
    • Tiers
    • Profiles
    • Framework Core
  • General
    • Implementation Guidance
    • Solutions
    • Framework in the News
    • Supply Chain Risk Management
    • Success Stories
    • General Discussion
  • Version 2.0
    • Governance
    • Technical Qualifications
    • Updates and Improvements
  • Workshop
    • Feedback
  • Members
    • Member's Lounge
  • BSI RFI Responses

Blogs

  • Team CForum
  • Mike Brown's Blog
  • Tom.Conkle's Blog
  • Tony Sager's Blog
  • RonGula's Blog
  • Whitsitt on the NIST Framework
  • Frank Downs' Blog
  • Thoughts from Greg
  • matthew.smith's Blog

Categories

  • General
  • BSI RFI Responses
  • Guides
  • Templates
  • Example Profiles
  • Other Resources

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


ICQ


Yahoo


Jabber


Skype


Location


Interests


First


Last


Middle


Company Name


Sector


Affiliations


Country

Found 1 result

  1. As G2's engineers help to implement the Cybersecurity Framework around the world, we often find that clients are using (or plan to use) the ISO/IEC 27000 family of standards to help establish, implement, maintain, and continually improve their Information Security Management Systems. These organization currently receive recognition for their work in implementing ISO; however, their use of the Framework is not acknowledged or readily recognizable by other organizations. If a Framework "certification" was established, would companies use and/or trust the “certification”? The very use of and model for Framework is voluntary, and Framework isn’t set up to be a conformance standard, yet it’s well-structured and interchangeable. Many Framework users are already working toward formal assessment of their conformance to ISO/IEC 27001 procedures and controls. If an accredited assessor is already assessing the implementation of those ISO procedures and controls (which align with many of the Framework outcomes), would it be valuable to assess the reasonableness of how the organization has implemented the Framework itself? It might be – that’s what we’re looking to find out. BSI has released an RFI to determine if such a "certification" would provide value to the community and how organizations could leverage the "certification" to help them make business decisions. The RFI is available at BSI via this link – pro or con, we’d welcome your input at http://pages.bsigroup.com/l/73472/2016-08-11/61k6wf.
×