[Ssr2-review] Perform an assessment of ICANN's Information Security Management System.
Matogoro Jabera
jaberamatogoro at gmail.com
Thu May 2 04:45:26 UTC 2019
Dear Russ,
This question seems to be widely discussed in the literature. We may need
to have a broad discussion before drafting a recommendation on it. If it
happen we have something that improve the SSR1 recommendation on the
certification.
Regards,
Matogoro
On Wed, 1 May 2019, 23:32 Russ Housley, <housley at vigilsec.com> wrote:
> Scott and Matagoro:
>
> I personally like the way that NIST CSF maps to the organizations mission
> statement. That seems like very pragmatic approach to me. I realize that
> it is not an ISO standard, but I cannot fault any organization for choosing
> NIST CSF as a way to make sure that the things that really matter to the
> organization are being addressed.
>
> Do you see things differently?
>
> Russ
>
>
> On May 1, 2019, at 4:13 PM, Scott McCormick via Ssr2-review <
> ssr2-review at icann.org> wrote:
>
> Hi Matogoro,
> From the response on compliance frameworks ICANN does not prescribe to ISO
> 27001 ISMS. They are moving forward with NIST CSF as their standard,
> however ISMS is an ISO definition. Feel free to draft a response.
>
> -Scott
> *Scott McCormick*
> Security Compliance
> mobile 443.691.2013
> smccormick at hackerone.com
> <https://www.hackerone.com/>
>
> *Check out the 2018 Hacker Powered Security Report
> <https://www.hackerone.com/sites/default/files/2018-07/The%20Hacker-Powered%20Security%20Report%202018.pdf>*
> [image: linkedin3.png] <https://www.linkedin.com/company/hackerone> [image:
> twitter-xxl.png]
> <http://t.yesware.com/tt/324020b77f436d605944dd917f93cf8de45fe242/62c45ebe131fc28be581b4bff2ca67fb/01d7a328dc464e0519e7eeb20aae62ee/twitter.com/hacker0x01> [image:
> facebook-symbol_318-37686.jpg]
> <http://t.yesware.com/tt/324020b77f436d605944dd917f93cf8de45fe242/62c45ebe131fc28be581b4bff2ca67fb/e2e4bd1be597154a7d7cb6695eba218f/facebook.com/hacker0x01>
>
>
> On Thu, Apr 25, 2019 at 5:17 AM Matogoro Jabera <jaberamatogoro at gmail.com>
> wrote:
>
>> Dear Alain,
>>
>> Thank you for this updates. I am waiting for Noorul to see if he has
>> something to share. Otherwise, I am allocating my effort to develop zero
>> draft for your review and input.
>>
>> Regards,
>> MATOGORO Jabhera
>> Assistant Lecturer
>> College of Informatics and Virtual Education
>> The University of Dodoma
>> P.O Box 490,
>> Dodoma.
>> Website: www.udom.ac.tz
>> *IEEE Membership ID: 93934185*
>>
>>
>> On Thu, Apr 25, 2019 at 4:19 AM ALAIN AINA <aalain at trstech.net> wrote:
>>
>>> Matogoro,
>>>
>>> I have nothing. After the DNS crypto, i am now working on the L-root
>>> practices..
>>>
>>> —Alain
>>>
>>> > On 25 Apr 2019, at 08:01, Matogoro Jabera <jaberamatogoro at gmail.com>
>>> wrote:
>>> >
>>> > Dear Alain, Dear Noorul,
>>> >
>>> > It is my hope that this email will find you doing fine. I am writing
>>> > as a follow-up on any status regarding our topic - Perform an
>>> > assessment of ICANN's Information Security Management System.
>>> >
>>> > Please let me know if you have something already. Otherwise, I would
>>> > be happy to write something later today and share it back by next week
>>> > for your quick review.
>>> >
>>> >
>>> > Regards,
>>> > --
>>> > MATOGORO Jabhera
>>> > Assistant Lecturer
>>> > College of Informatics and Virtual Education
>>> > The University of Dodoma
>>> > P.O Box 490,
>>> > Dodoma.
>>> > Website: www.udom.ac.tz
>>> > *IEEE Membership ID: 93934185*
>>>
>>> _______________________________________________
>> Ssr2-review mailing list
>> Ssr2-review at icann.org
>> https://mm.icann.org/mailman/listinfo/ssr2-review
>>
> _______________________________________________
> Ssr2-review mailing list
> Ssr2-review at icann.org
> https://mm.icann.org/mailman/listinfo/ssr2-review
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ssr2-review/attachments/20190502/f001b9c8/attachment.html>
More information about the Ssr2-review
mailing list