System Standards for managing in a connected world · 2012-03-02 · • OHSAS 18001 Specifications...
Transcript of System Standards for managing in a connected world · 2012-03-02 · • OHSAS 18001 Specifications...
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
System Standards for managing in a
connected world !
“Some perspectives”
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
Outline
oThe Journey So far – Fact Sheet
oThe Challenge
oRole of Standards
oSome Perspectives
oNext Steps -The Road Ahead
“Relentless Pursuit of Excellence”
2
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
The Journey So far – Fact
Sheet
3
www.sevenstepconsulting.com
20th Century -The Last Four Decades
www.sevenstepconsulting.com
The New Millennium- The Post PC Era
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
A Connected World
www.sevenstepconsulting.com
The Mobile Millennium!
• Mobile Ramping
Faster than Desktop
Internet Did and Will
Be Bigger Than Most
Think
• 5 Trends Converging
(3G + Social
Networking + Video +
VoIP + Impressive
Mobile Devices)
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
Next 5+ Years -Internet Meets Mobile!
www.sevenstepconsulting.com
Herbert Marshall McLuhan, (July 21, 1911 – December 31, 1980)McLuhan is known for coining the expressions "the medium is the message" and "the global village" and
predicted the World Wide Web almost thirty years before it was invented.
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
Mobile Devices + Infrastructure Enabling Attractive New Usage
Models…Ramping Fast on Various Networks
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
Cool Mobile Apps Today Reminiscent of Early
Websites in 1995
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
The Challenge
21Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
Multiple Issues & Challenges•Rapid Technological Change
•User Awareness
•Increased Threats and Vulnerabilities
•Ease of Exploitation
•Lack Of Personnel
•Lack of Guidelines
•Lack Of Legal Frameworks
.. The list Goes on and on Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
Role of standards
23Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
Brief History• Examples of prehistoric standardization are found in the ancient
regions of Mesopotamia, Sumer, Egypt and Babylon: at these locations, pre-Christian civilizations were found to use many kinds of standards in their daily activities.
• Around five to six thousand years ago, the Mohenjo-daro or Harappa civilizations of the Indus valley used standardization for town planning, water supply, drainage, house building and even weights and measures.
• Between the 7th century B.C. and the 17th century A.D., standards for units of measurement of length, volume, weight and money were further developed in various parts of the world.
• Standardization of screw threads by Sir Joseph Whitworth dates back to 1841.
• Other instances of early standardization can be found in the dawning age of the railway industry
• Mass production became possible through standardization
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
What are Standards?
Standards and standardization
• A standard is a document which provides, inter alia, requirements, rules, and guidelines, for a process, product or service. These requirements are sometimes complemented by a description of the process, products or services.
• Standards are the result of a consensus and are approved by a recognized body.
• Standards aim at achieving the optimum degree of order in a given context.
• The process of formulating, issuing and implementing standards is called standardization.
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
The primary aims of standardization
• Fitness for purpose
• Interchangeability
• Variety reduction
• Compatibility
• Guarding against factors that affect the health and safety
of consumers
• Environmental protection
• Better utilization of resources
• Better communication and understanding
• Transfer of technology
• Removal of trade barriers
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
Attributes of a standard• A standard generally has three
attributes:
• Level: such as at the company, national or international level.
• Subject: such as engineering, food, textile or management.
• Aspect: such as specification, testing and analysis, packaging and labelling (more than one aspect may be covered in a single standard: a standard may include specification of items such as the product, its sampling and inspection, related tests and analysis, packaging and labelling).
Standardization diagram
Created by Dr. Lal C. Verman,
Founder and Director General of the Bureau of Indian Standards,
Seven Step Consulting Pvt. Ltd., India.
ISO/IEC 27001:2005
Information technology — Security
techniques — Information security
management systems — Requirements
www.sevenstepconsulting.com
Types of standardsThere are several types of standards; these include:
• Vocabulary standards, e.g. glossaries, signs and symbols;
• Basic standards, such as units of measures;
• Product standards that cover, inter alia, specifications for dimensions, performance, health, safety, environmental protection and documentation;
• Standards for inspection, test methods and analysis;
• Standards that focus on organization, such as for logistics, maintenance, inventory management, quality management, project management and production management.
• Specification standards contain three categories of requirements, namely: obligatory requirements (essential characteristics that are needed to ensure the usefulness of a product),optional or recommendatory requirements (which help to improve the serviceability of a product or to meet the specific requirements of a particular type of customer) and informative requirements.
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
Example Adoption by Industry Bodies
• QS 9000 Quality System Requirements for Automatic Suppliers, published by Chrysler, Ford, General Motors and others.
• TL 9000 Telecommunications-specific Quality Management System Requirements, published by QUEST-USA.
• AS 9000 Aerospace Unique Requirements, published by the SAE.
• OHSAS 18001 Specifications for Occupational Health and Safety Management Systems, published by three NSBs and 10 certification bodies.
• HACCP Hazard Analysis Critical Control Point System and Guidelines for the Food Industry, published by CODEX.
• SA-8000 Social Accountability, published by the Council of Economic Principles Accreditation Agency (CEPAA).
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
Standards & Mobiles
Some Perspectives
Continual Revenue & Engagement Model
31Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
Management System Standards For Mobile Security
• No dedicated
international Standard
for Mobile System &
Security yet as on Date
http://en.wikipedia.org/wiki/List_of_
mobile_phone_standards
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
Management Aspects
Technical Aspects
Physical Aspects
Legend :
Security Policy
Organization of Information Security
Asset Management
Business Continuity Management
Compliance Communications & Operations Management
Human Resources Security
Information Security Incident Management
Information System Acquisition, Development & Maintenance
Access Control
Physical & Environmental Security
Operations
ManagementOrganizational Structure
The 11 Security Domains Security Policy (1) Organization of Information Security (2) Asset Management (2) Human Resources Security (3) Physical & Environmental Security (2) Communications & Operations
Management (10) Access Control (7) Information System Acquisition,
Development & Maintenance (6) Information Security Incident
Management (2) Business Continuity Management (1) Compliance (3)
The Eleven Security Domains in Annexure A
of ISO 27001:2005
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
A.10 Communications and operations
management• A.10.4.2 Controls against mobile code
• Control
• “Where the use of mobile code is
authorized, the configuration shall ensure
that the authorized mobile code operates
according to a clearly defined security
policy, and unauthorized mobile code shall
be prevented from executing.”
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
A.11 Access control
• A.11.7.1 Mobile computing and communications
• Control
• A formal policy shall be in place, and appropriate security measures shall be adopted to protect against the risks of using mobile computing and communication facilities.
• A.11.7.2
• Teleworking Control
• A policy, operational plans and procedures shall be developed and implemented for teleworkingactivities.
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
The Beginning of The Realization!
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.comSeven Step Consulting Pvt. Ltd., India.
The Road Ahead
38Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
Process for the development of standards
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
ProActive Action by ALL Stakeholders
•Manufacturers
•Customers
•Corporates
•Technologists
•Administrators
•Regulators
•Legislators
•Policy Makers
•Educationists
•Trade Associations
•National ,Regional
And
•International
Standard
Bodies
Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
R I P or Peacefully Resting?
The Choice is in Our hands?Seven Step Consulting Pvt. Ltd., India.
www.sevenstepconsulting.com
Seven Step Consulting Pvt. Ltd.153 Maidangarhi , New Delhi 110068. (India)Phone: + 91 11 29533609Mobile: + 91 9810609560E-Mail: [email protected]: www.sevenstepconsulting.com
Reach Us at:
This document or any part thereof may not, without the written consent of Seven Step
Consulting Pvt. Ltd. , be copied, reprinted, or reproduced in any material form, including but
not limited to photocopying, transcribing, transmitting, or storing it in any medium or translating
it into any language, in any form or by any means, be it electronic, mechanical, xerographic,
optical, magnetic or otherwise.
The information contained in this document is proprietary and confidential; all copyrights,
trademarks, trade names, patents and other intellectual property rights in the documentation
are the exclusive property of 7SConsulting International unless otherwise specified. The
information (including but not limited to data, drawings, specification, and documentation) shall
not at any time, be disclosed directly or indirectly to any third party without the prior written
consent of Seven Step Consulting Pvt. Ltd. .
The information contained herein is believed to be accurate and reliable. Seven Step
Consulting Pvt. Ltd. accepts no responsibility for its use by any means or in any way
whatsoever. The information contained herein is subject to change without notice.
Seven Step Consulting Pvt. Ltd., India.
Delhi
Mauritius
MumbaiRiyadh
Bangalore
HEAD OFFICE
ASSOCIATE OFFICES