OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

pbd-se message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [pbd-se] Next Steps: PbDSE Comments on NISTIR 8062


-----Original Message-----
From: John Sabo [mailto:john.annapolis@comcast.net] 
Sent: Tuesday, June 23, 2015 9:31 AM
To: Mike Davis
Cc: Dawn Jutla; Grow, Richard C.(Technatomy); Gail Magnuson; Notario
McDonnell, Nicolas; antonio.kung@trialog.com
Subject: Re: [pbd-se] Next Steps: PbDSE and PMRM TC Comments on NISTIR 8062

Just send your updated comments to the list and I will integrate into the
Jamie is just setting up the matrix spreadsheet at this point not merging
content, but he is also on the list.

On Jun 23, 2015, at 11:41 AM, Mike Davis <mike.davis.sd@gmail.com> wrote:

> Fully concur that we need to specially call out use / leverage of PMRM!
> I did align my comments for #3..  But some were in the intro comments 
> too Be glad to adjust mine as needed...  Don't have Jamie's email
> -----Original Message-----
> From: pbd-se@lists.oasis-open.org [mailto:pbd-se@lists.oasis-open.org] 
> On Behalf Of John Sabo
> Sent: Tuesday, June 23, 2015 8:20 AM
> To: pmrm@lists.oasis-open.org; pbd-se@lists.oasis-open.org
> Subject: [pbd-se] Next Steps: PbDSE and PMRM TC Comments on NISTIR 
> 8062
> PMTM and PbD-SE TC Members:
> At today's meeting it was agreed that we continue developing formal 
> comments on the NISTR 8062 as follows:
> 1 - use the matrix provided by NIST but also supply an overview 
> narrative document discussing our findings and recommendations
> 2 - for our comments in the matrix, follow the NIST question categories:
> Privacy Risk Management Framework, Privacy Engineering Objectives, and 
> Privacy Risk Model, along with their associated questions, as relevant
> 3 ---- individual TC members who submitted narrative comments are 
> asked to determine in which of these categories the comments are 
> applicable and edit their comments into a Word document using the NIST 
> categories
> 4- members are asked to review the in-line comments and provide 
> feedback and provide any in-line comments they believe are necessary
> 5- Jamie will provide a sample document including OASIS boilerplate 
> needed for the submission and will try to migrate the Word inline 
> comments to the Excel spreadsheet format
> 6 - We also discuss the importance of reviewing the PMRM itself in 
> light of the NISTIR draft as part of our plans to add an 
> Accountability Service in order to assess what additional changes are 
> needed.  We also discussed the possibility of expanding the use case 
> or other PMRM content to illustrate the relationship of Controls to
Services/functions more effectively.
> Goal: have  draft document ready for TC review by July 6, which allows 
> a week for TC members' feedback.
> Best regards,
> John
> ---------------------------------------------------------------------
> To unsubscribe from this mail list, you must leave the OASIS TC that 
> generates this mail.  Follow this link to all your TCs in OASIS at:
> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
> <NIST Risk Assessment Overall Observations by Mike Davis 18 June.docx>

Attachment: NIST Risk Assessment Overall Observations by Mike Davis 18 June.docx
Description: application/vnd.openxmlformats-officedocument.wordprocessingml.document

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]