You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Video conference meeting of the WISE SCIV2-WG

13 May 2016 at 13:00 UTC

Agenda

  • Minutes of last meeting (4th May 2016)
  • Look at SCI version 1 document and discuss questions raised by Adam Slagell
    • What are we trying to accomplish beyond creating the self-assessment, and did we meet those goals?
    • Do we need to extend the scope of the document, or should we focus on getting more impact from the first document (especially if we didn’t meet all our goals the first time)?
    • What does it mean to get acceptance by the DII’s, and have we achieved that?
    • Depending on where these lead, we might conclude that what we really want is more organizations doing the self-assessment and to have these results published centrally or otherwise. I could see that certainly helping those of us looking for resources or justification for the different components of our security program efforts.
    • Taking this hypothetical further, if that is our goal, a reasonable next step is to develop a guideline for the assessment. 
  • Comparison with Sirtfi V1.0 and ISO27002 (Alf Moens)
  • Next steps
  • Next meeting

 

Minutes 

Present: Eli Beker, Linda Cornwall, Dave Kelsey (Chair), Stefan Leuders, Alf Moens, Ian Neilson, Vincent Ribaillier, Mischa Salle, Adam Slagell (Vice-chair), Romain Wartel, Eric Yen.

Apologies:  Warren Anderson, Bob Cowles, Sven Gabriel, Hannah Short

 

1. 13:05 UTC - Dave welcomes all to this meeting. The agenda is agreed. There were no further comments or corrections to the minutes of the last meeting (4th May 2016) so these are approved.

There were 4 implied actions at the last meeting. So as not to lose these Dave proposes that we use a group "actions" page on the wiki. He will create this.

2. We start to discuss the questions Adam had sent around before the meeting.
In relation to SCI version 1 document:

  • What are we trying to accomplish beyond creating the self-assessment, and did we meet those goals?
  • Do we need to extend the scope of the document, or should we focus on getting more impact from the first document (especially if we didn’t meet all our goals the first time)?
  • What does it mean to get acceptance by the DII’s, and have we achieved that?
  • Depending on where these lead, we might conclude that what we really want is more organizations doing the self-assessment and to have these results published centrally or otherwise. I could see that certainly helping those of us looking for resources or justification for the different components of our security program efforts.
  • Taking this hypothetical further, if that is our goal, a reasonable next step is to develop a guideline for the assessment. 

But before we get too far, Romain encourages us to take a step back on consider our goals again.

 

5. Next meeting. There will be just one meeting between now and the TNC2016 BoF session. Proposed dates are 31 May, 1 June or 2 June. Dave will send a Doodle poll. The agenda will be to look at the SCI V1 comparisons and decide what to present at the TNC BoF (e.g. an agreed mandate statement).

DaveK: thanks to all for your participation.

Meeting ended at 14:10 UTC

Notes by DaveK - 17 May 2016

 

  • No labels