By Gerard Blokdyk

ISO 38500 1 big thing: Interact with multiple stakeholders in business and architecture information-gathering workshops and elicit requirements.

The big picture: Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.

Why it matters: Invest in conducting reviews and doing post-review work for Enterprise Information Security Governance (identification, classification, protection, retention and disposition) for structured and unstructured environments.

Go deeper: Define the vision, strategy, and the implementation of the Information Security program in support of successful governance, execution and delivery of policy and standards.

Yes, but: Use data and insights to inform conclusions and support decision making and develop a point of view on key trends, and how they impact (internal) clients.

How it works: Ensure you aim to protect personal information by implementing and maintaining reasonable security, such as by using reasonable organizational, technological and physical safeguards appropriate to the sensitivity of the personal information you hold.

What we’re hearing: “Lead effort to prepare materials for weekly management meetings, including collecting information from organization leads and project managers and coordinating presentation materials with them.” (Service Support Manager)

State of play: Work effectively across the business to facilitate information security risk assessment and risk management processes and ensure alignment between security, technical architecture, and coding processes.

Meanwhile: Require the Project Manager to comply with all applicable laws, regulations, policies, standards and guidelines affecting Information Technology projects, which have to be created or changed periodically.

Between the lines: Develop experience providing executive-level leadership and management of enterprise-wide information technology resources for a large, complex, geographically dispersed organization, including IT infrastructure management and consolidation, enterprise applications, IT governance, enterprise architecture, integrated IT service delivery, IT security, and IT portfolio management.

The backdrop: Lead functional and/or technical support to ensure business requirements of mission partners are delivered in the context of the Information Technology Solution.

On the flip side: Analyze, interpret, and create actionable information from the output of enterprise cybersecurity capabilities such as the Security Information and Event Management (SIEM) tool, endpoint security, network boundary protection, network intrusion detection, vulnerability scanning, and Security Content Automation Protocol (SCAP) compliance scanning.

Under the hood: Warrant that your company works with business/(internal) customers to implement the various governance and monitoring programs required to properly manage records in the lines of business and in Information Technology.


 


Be smart: Conduct Assessments for PIT, Assessment and Authorization for PIT Systems and Assessment and Authorization for Information Systems to successfully obtain an Authorization to Operate.

The bottom line: Implement approved policies and procedures to ensure information security efforts system-wide are properly coordinated and in compliance to make recommendations for changes and improvements to reduce the overall security risk.

What’s next: Ensure your group supports compliance and manages the process of identifying risks related to the collection, storage, protection, access, use, and destruction of personally identifiable or sensitive information.

ICYMI: Ensure your software enables holistic and informed conversations about governance, risk and compliance and ensures CEOs, CFOs and the board have an integrated view of audit, risk, information security, ethics and compliance from across the organization.

