International Standardization Council

Minutes from ISC Meeting held January 19, 2023

  • 1.  Minutes from ISC Meeting held January 19, 2023

    Posted Jan 19, 2023 12:47:00 PM
      |   view attached
    Attendees:
    John DiMaria
    Claude Baudoin
    Morris# Jason
    Rachelle Summers
    Eric Hibbard 
    David Harris
    Hamid ?
    Agenda:
    • Standards Report: Eric Hibbard (Chair)
      • ISO/IEC 22123-1 Final document sent out for approval
      • -2 : Some comments still being resolved. Expect FDIS in about 2 weeks
      • Next SC/38 meeting is scheduled for the week of February 14th in Australia 
      • ISO/IEC 27017 and 27018 are expected to be revised due to the 2022 version of ISO/IEC 27001. No word yet.
      • ISO/IEC 27701-1 Ballot is underway
    • SC 38 Liason Report (Attached)
      • Reviewed the SC 38 Liason Report - CSA would also like to explore taking ISO/IEC TR 3445; Information technology - Cloud computing - Audit of cloud services to an IS, and would like to suggest a PWI. We will be making a formal package in the coming weeks. We think it has great potential for the auditing community and can fill a gap that has existed for many years.
    • 2023 Charter - Objectives
      • ACTION: John DiMaria is to post the current charter to google docs for sharing and gathering comments for 2023 
    • Peer Review ResultsOMG Comment Period: Proposal for a Standard Cloud Service Agreement Template
      • Peer Review is now closed, and Claude Baudoin will revise and submit a final draft over the coming weeks.
    • Open dialogue
    • Data Governance 
      • David Harris reported that due to a lack of collaborative interest in the topic, from a Data Governance paper, he will be shifting to what appears to be missing from all Data Governance papers, that being Domain Vocabularies/Taxonomies/rules.
        The intent is to publish domain-specific vocabularies such that existing data governance practices and initiatives like Master Data Management can elect to include OMG standard domain vocabularies; the approach will initiate with focusing on (4) domains, Privacy, Trade Control, Intellectual Property and Information Security.
      • There will be a call for volunteers to author once David is ready with the outline.

        The next call is scheduled for Thursday, February 16th

        This will be a 'referenceable' standards document to fill the gap existing frameworks and standards papers do not deliver what is required to execute at an extended scale.


    ------------------------------
    JOHN DIMARIA
    ME
    CSA
    [email protected]
    ------------------------------

    Attachment(s)