TROY ? The Southeast Michigan Information Security RSA has two big events coming up in November, one with an official of the National Security Agency and the other with an official of the British Standards Institute.
On Nov. 2, from 5-7 pm, at Automation Alley?s headquarters in Troy, Richard Marshall, a senior information assurance representative at the National Security Agency will talk. The keynote will be presented by Dan Shoemaker, University of Detroit Mercy?s IAC Center. His talk is called Partial Security is Not an Option: How to Develop a Total Security System.
His thesis is: If you think that your information is adequately protected by electronic security measures, you are dangerously wrong. Serious attackers are not interested in the areas you have already secured. They are looking for the places where you are still vulnerable. So, unless you can say with absolute certainty that you have identified and addressed all potential threats, the information assets in your organization are at risk.
It might not seem fair to hold busy executives responsible for protecting the information in their organization against every conceivable threat. But that is exactly what you will have to do if you want to ensure your information is safe and secure. Fortunately, there is help available in the form of two large strategic models of best practice.
This talk will introduce you to the principles of total security embodied in those models. It will overview the approach to building complete, reliable and fully integrated total security systems using them. It will also introduce the compliance issues associated with each. You might not know about these two models yet, but it is likely that one, or both, will have significant impact on your future. Our aim is to prepare you for that.
There is no charge but admission is restricted to C-level professionals only.
Then, on Nov. 7, from 1:30-3 pm at Automation Alley?s headquarters, John DiMaria, BSI Management Systems (British Standards Institute) will talk about ISO 20000:2005, Raising the Profile of IT Service Management
ISO 20000 describes the methodologies to deliver services that meet established, defined business requirements and priorities by implementing superior practices. Compliance with the standard will empower the provider to change the common perception that it is simply a significant cost center and that it is in fact a critical part of the business objectives.
ISO 20000 is aligned with ITIL and introduces a methodology for enabling the quality of services to be managed and controlled and finally audited by a third party certified body, moving an organization from a reactive culture to a proactive culture. Third Party Certification to this internationally accepted standard is considered to be the ultimate achievement in ?Due Diligence? and facilitating legal and regulatory compliance.
This briefing will be of interest to any organization looking to deliver consistent quality and cost effective IT Service Management. By using a well planned and documented IT Service Management System, such as ISO 20000:2005, your organization can give itself a real future in a marketplace. During this powerful briefing you will discover how ISO 20000:2005 can improve your business efficiency and bottom line.
For additional information, click on AutomationAlley.Com
