SBP/07-0015

 

INCITS
InterNational Committee for Information Technology Standards
INCITS Secretariat, Information Technology Industry Council (ITI)
1250 Eye St. NW, Suite 200, Washington, DC 20005
Telephone 202-737-8888; Fax 202-638-4922

 

Date:

September 28, 2007

Reply to:

Ed Stull

Phone:

(301) 260-1781

Email:

estull@datavantage.com

 

 

Draft Agenda version 1 – October 4, 2007  telephone conferences:

INCITS Study Group on Security Best Practices
Meeting #2

 


The telephone bridge will be indicated on the Study Group’s website (http://www.incits.org/tc_home/sbp.htm):

11 AM to 1:00 PM for each meeting date, unless otherwise indicated on the Study Group’s website.

Each meeting will have a 2-week Agenda published soon after the preceding telephone conference in preparation for the next meeting.  Please see the Study Group’s website regarding the Agenda for the first teleconference meeting.


All organizations attending the formation meeting (September 19, 2007)  or the first teleconference meeting (October 4, 2007) attain voting rights at the start of the meeting unless they have requested advisory (non-voting) membership.

Membership is open to all interested and materially affected parties.
Voting rights are obtained in accordance with the INCITS procedures (http://www.incits.org/rd2/main.htm)

 


INCITS Study Grup for Security Best Practices (SBP)

 

30-Day Draft Agenda for the Telephone Conference Series of Meetings
October 4, 2007 through January 6, 2008
http://www.incits.org/tc_home/sbp.htm


1.  Administrative  (E. Stull)

1.1   Call to Order

1.2   Appointment of Recording Secretary

1.3   Introduction of Participants

1.4   Membership and Voting Status changes

REF: SBP SD-03 (SBP Standing Document 6 – Meeting Attendance)

1.5   INCITS Antitrust Guidelines

REF: http://www.incits.org/inatrust.htm

2.   Chairman's Remarks (E. Stull)


3.   Approval of the Agenda  (E. Stull)

REF: SBP/??-????


4.   Document Distribution  (E. Stull)

REF: SBP SD-01 (SBP Standing Document 1 – Document Register)
                        http://www.incits.org/tc_home/sbp/sbpdocreg.htm

 

5.  Approval of Previous Meeting’s Minutes (E. Stull)

 

6.  Review of Previous Meeting’s Action Items (E. Stull)

1.     INCITS Study Group on Security Best Practices members were invited to submit contributions for consideration at the October 4, 2007 teleconference meeting proposing further refinement of the work plan topics (Risk Management and Compliance).

2.     The INCITS Secretariat will contact the participants at the Study Group's formation meeting to determine their membership status and will update the membership list accordingly.

 

7.  Unfinished Business from Previous Meeting’s Action Items (E. Stull)

 

8.  Review of Strategic Collaborations (S. Erkonen)

REF: SBP SD-03 (SBP Standing Document 3 - Collaboration)

 

9.  Review of Consensus Base for Financial Services sector (M. Clancy)


10.  Review of Consensus Base for Insurance sector (R. Talbot)


11.   Technical Interchange:  Risk Management and Compliance  (M. Clancy & R. Talbot)

REF: SBP/07-0008  An Introduction to Factor Analysis of Information Risk (FAIR) (M. Clancy)

REF: SBP/07-0009  Information Security Management Maturity Model (ISM3) (M. Clancy)

REF: SBP/07-0010  Security Operations Maturity Architecture (SOMA) (M. Clancy)

REF: SBP/07-0011  N6010 Draft Agenda for the 5th Meeting of ISO/TMB WG on Risk Management scheduled to be held in Sanya (China) on 3rd – 7th December 2007 (E. Stull)

REF: SBP/07-0012  President's Identity Theft Task Force Releases Comprehensive Strategic Plan to Combat Identity (E. Stull)

REF: SBP/07-0013  Overview of the ANSI-BBB Identity Theft Prevention and Identity Management Standards Panel (IDSP) October 2007 meeting (E. Stull)

REF: SBP/07-0014  Overview of the ISF’s Standard of Good Practice for Information Security March 2007. (R. Talbot)

 

12.   Technical Interchange:  Other Proposed Study Topics (E. Stull)

REF: SBP ??-???
          (all contributions will be assigned a document number)

 

13.   Development of Security Best Practices Report (E. Stull)

REF: SBP ??-???
          (all contributions will be assigned a document number)


14.   Work Plan and Timeline  (E. Stull)

REF: SBP SD-04 (SBP Standing Document 4 - Work Plan)

REF: SBP ??-???
          (all contributions will be assigned a document number)


15.  Review of Action Items from This Meeting (E. Stull)


16.  Future Meetings  (E. Stull)

REF: SBP SD-05 (SBP Standing Document 5 - Calendar)


17.  Adjournment  (E. Stull)