Attendees:
John DiMaria |
Jim Angle |
Claude Baudoin |
Steve Woodward |
Andreas Fuchsberger - CSA |
Due to an ISO audit and other issues, a formal agenda was not sent out:
Topics discussed:
ISO 15408 has been released: The Common Criteria for Information Technology Security Evaluation (Common Criteria or CC) is an international standard (ISO / IEC 15408) for IT product security certification. It is a framework that provides criteria for independent, scalable and globally recognized security inspections for IT products.
Next April, the SC27 meetings will be held in Redmond at Microsoft. Any ISC member that wishes to attend can do so as a guest of the liaison (CSA ISC). Anyone wishing to attend should contact John DiMaria and Andreas Fuchsberger ASAP.
The next meeting of the OMG Cloud working Group is being planned for Wed., December 7.
9 - 12P CT
7-10A PT
10 - 1P ET
4 - 7 PM CET
Anyone wanting to attend should contact Claude Baudoin (
[email protected]) and he can provide a discount code.
OMG has developed a draft "Proposed Standard Template for Cloud Service Agreements." OMG would like the CSA/ISC input.
John DiMaria will pass it on to research. https://docs.google.com/document/d/17D7j_uzBb9Wpfec4SS7u7XQ3T8tMODSf/edit?usp=sharing&ouid=118337635789418127490&rtpof=true&sd=true
Other SC news:
SC7 (Cloud QA) will be meeting starting November 28th
The high-Level Structure was revised a while back but with inky minimal changes.
JIC1 (Japan) will be meeting and have much more pull in terms of the HLS/deeper changes may be on the way, specifically clause 4 Context of the Organization as well as the definition of "Risk".
NOTE: Please see attached SC27 report sent in by Eric Hibbard late after the meeting.
The next meeting is scheduled for Thursday, December 15, 2022
------------------------------
JOHN DIMARIA
ME
CSA
[email protected]------------------------------