OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pbd-se message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [pbd-se] PbD-SE maturity model

On the call now.

I’m not sure on what model we’re going to initially work around?

 

What methods for comments are there?

 

Ciao

Mike

 

Cyber security is serious business for us all – so ACT accordingly!

http://www.linkedin.com/in/mikedavissd

 

 

 

From: pbd-se@lists.oasis-open.org [mailto:pbd-se@lists.oasis-open.org] On Behalf Of Dawn Jutla
Sent: Tuesday, March 10, 2015 7:21 AM
To: pbd-se@lists.oasis-open.org
Subject: [pbd-se] Tomorrow's meeting 1:30 EST as scheduled

 

Dear PbD-SE Committee:

Looking forward to continuing our discussion on a PbD-SE maturity model tomorrow. 

You may recall that Gershon generously volunteered to put committee members' comments on our draft committee specification document and on the committee notes document in JIRA. He has indicated that he will complete this exercise soon. Then we may work to dispose of the comments formally via JIRA.  


Kind regards, Dawn.


 

On Wed, Feb 11, 2015 at 9:48 AM, Dawson Frank (Nokia-TECH/Irving) <frank.dawson@nokia.com> wrote:

Hello Dawn and PbD-SE-ers.

  

With respect to the topic of privacy business process maturity, I would point also to the recent ISO publication of ISO 29190/Privacy Capability Assessment. It is a rather solid standard coming from ISO/IEC JTC1 SC27/WG5. Nokia piloted its use in 2013 to baseline privacy maturity of our privacy program. One of the strengths of that standard is that it uses a multi-dimensional review criteria, as privacy maturity is difficult to merely judge as a scalar value (EG, best represented with a tool like a spider-web graph to show maturity of a set of criteria). Also it is flexible to the organizational differences across industries, as well as differences in the structure of a privacy program across organizations.

 

BSIMM approach to measuring security program maturity is similarly structured, but also as implemented is based on feedback from a set of industry players.

 

On Wed, Feb 11, 2015 at 8:28 AM, Dawn Jutla <dawn.jutla@gmail.com> wrote:

Dear PbD-SE Committee:

 

 

Our Jonathan Fox has kindly agreed to lead a discussion on his scan of Privacy Maturity Models to inform our work going forward.

 

1. CMM

2. CMMI

3. BSIMM (See attached)

4. Open SAMM http://www.opensamm.org/

5. AICPA/CICA Privacy Maturity Model 

 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]