...
- CMM levels
- (Periodic) benchmark against ISO, etc
- Model for comparing baseline with management goals
- Nist 8xx-xx
- Upcoming European standards competing with ISO
Additional topics (25 October consultation)
- Policy templates/examples
- "default" ISMS
- A common mechanism for evaluating security posture - useful for benchmarking
- Guide to apply the baseline for an NREN (e.g. where/how to start with ISMS)
- Standards/frameworks in easy terms (explanations)
- Developing an integrated European Standard considering IT Service management, Information Security-Standards like ISO20k, ISO27k, NIST, GDPR
- Benchmarking your NREN to others
- Few standards selection and analysis for Policies creations
- Consider baselining for our clients (Universities) also (not sure if this is scope or just NRENs) - it would be equally of interest to NREN