OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

pbd-se message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Next Steps: PbDSE and PMRM TC Comments on NISTIR 8062

PMTM and PbD-SE TC Members:

At today's meeting it was agreed that we continue developing formal comments on the NISTR 8062 as follows:

- use the matrix provided by NIST but also supply an overview narrative document discussing our findings and recommendations
- for our comments in the matrix, follow the NIST question categories: Privacy Risk Management Framework, Privacy Engineering Objectives, and Privacy Risk Model, along with their associated questions, as relevant
- individual TC members who submitted narrative comments are asked to determine in which of these categories the comments are applicable and edit their comments into a Word document using the NIST categories
- members are asked to review the in-line comments and provide feedback and provide any in-line comments they believe are necessary
- Jamie will provide a sample document including OASIS boilerplate needed for the submission and will try to migrate the Word inline comments to the Excel spreadsheet format

We also discuss the importance of reviewing the PMRM itself in light of the NISTIR draft as part of our plans to add an Accountability Service in order to assess what additional changes are needed.  We also discussed the possibility of expanding the use case or other PMRM content to illustrate the relationship of Controls to Services/functions more effectively.

Goal: have  draft document ready for TC review by July 6, which allows a week for TC members' feedback.

Best regards,


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]