
Some thoughts on the organization of our work




As you all know, there are few pre-existing standards covering the Hardcopy
Device and Systems Security Area.  As such, I have been examining the "art"
in the general IT security area for applicable content.  ISO/IEC 17799
entitled "Code of practice for information security management" is such a
general standard.  It is organized well and could easily be supplemented
with more details and specific actions and controls for the hardcopy space.
Additionally, there is a nice checklist organized by audit area and
objective that is cross-referenced to 17799 available from SANS at:
http://www.sans.org/score/checklists/ISO_17799_checklist.pdf

Before our meeting in Tampa, I believe it would be helpful if you could
review 17799 and the above checklist so we can come into the meeting with
the understanding of how related work like this has been done before.

If you are aware of other background or related material the group should
examine and review at the meeting, please let the rest of us on this list
know.

**********************************************
 Don Wright                 don@lexmark.com

 Chair,  IEEE SA Standards Board
 Member, IEEE-ISTO Board of Directors
 f.wright@ieee.org / f.wright@computer.org

 Director, Alliances & Standards
 Lexmark International
 740 New Circle Rd
 Lexington, Ky 40550
 859-825-4808 (phone) 603-963-8352 (fax)
**********************************************