This browser doesn't support Spotify Web Player. Switch browsers or download Spotify for your desktop.

2016-013-Michael Gough, the ISSM reference model, and the 5 P's

By Brian Boettcher, Amanda Berlin, and Bryan Brake

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-013-michael_gough-the_5_Ps.mp3 iTunes: https://itunes.apple.com/us/podcast/2015-013-michael-gough-issm/id799131292?i=365622423&mt=2 We discuss a model that Michael Gough used while he was at HP. The Information Security and Service Management (ISSM) Reference model can be used to help companies align their IS and IT goals with the businesses goals... If you've been a listener of our podcast for a while now, you might have heard our 2-part podcast on ITIL with Tim Wood, which is a service based solution to enable your IT and infosec initiatives to also align with your business needs. From the ISSM whitepaper: "organizations need to build and run an integrated service management system that addresses security and risk management as well as the regulatory compliance imposed on the agency while ensuring that agreed services are provided to internal and external customers and managed end-to-end. For agencies and organizations to achieve meaningful service outcomes, technology and agency decision makers need to align their goals and strategies more closely while dealing with an increasing amount of technologies, threats, and regulatory compliance requirements." We discuss the idea of the "5 P's", which are "Policy, Process, People, Products (or technology), and Proof", and how they are important to the implementation of the #ISSM reference model Finally, we discuss a typical engagement using the ISSM model. Creation of the 7 Core components and additional using a maturity model to self-assess your company in an effort to show transparency to your internal processes. Important links: http://www8.hp.com/h20195/V2/getpdf.aspx/4AA2-2350ENW.pdf?ver=1.0 http://www.digitalgovernment.com/media/Downloads/asset_upload_file772_2477.pdf https://en.wikipedia.org/wiki/Information_security_management_system http://www.davebolick.com/SampleNewsletterHPFinancialAdvisor.pdf http://media.govtech.net/HP_RC_08/Security_RC/ISSM_for_SLG.pdf Integrating ITIL into infosec: http://traffic.libsyn.com/brakeingsecurity/2015-018-Integrating_infosec_with_ITIL.mp3 http://traffic.libsyn.com/brakeingsecurity/2015-017_ITIL_and_infosec.mp3 Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security using Patreon: https://www.patreon.com/bds_podcast RSS FEED: http://www.brakeingsecurity.com/rss On #Twitter: @brakesec @boettcherpwned @bryanbrake @hackerhurricane #Facebook: https://www.facebook.com/BrakeingDownSec/ #Tumblr: http://brakeingdownsecurity.tumblr.com/ Google Play Store: https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969 Player.FM : https://player.fm/series/brakeing-down-security-podcast Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/   #cobit, #cmmi, #maturity model, #ISSM, #ITIL, #Service, #management, #reference model, #ISO, #27002, #27001, CISSP, #podcast, #infosec, #compliance

Listen to 2016-013-Michael Gough, the ISSM reference model, and the 5 P's now.

Listen to 2016-013-Michael Gough, the ISSM reference model, and the 5 P's in full in the Spotify app