Bright Stove

Reflecting information risk journey

Archive for June 2009

WG 4 Progress in Beijing

leave a comment »

The 6th WG 4 meeting in Beijing has closed since May 8, 2009. It has been a while for me to find some time to report the meeting outcomes and also highlight further progress. While most of the projects in WG 4 has progressed according to plan in the meeting, not all managed to achieve the desired outcome. An external influence was the economic downturn in this period, and another was the H1N1 flu pandemic, resulting in some members, including project editors unable to attend the meeting. The projects affected included Network Security Part 1 and 2, i.e., 27033-1 and 27033-2. Fortunately, for 27033-1, the project was able to get back on track thru’ two additional teleconference (supported by online web) meetings in early June 2009, in which the national bodies (NB) presence reviewed the final FCD revision and agreed to have it brought forward to FDIS for JTC 1 members’ ballots. If all goes well thru’ the NB ballots, it will be the first standard published through the work of WG 4, since the WG formation in 2006.

As for the other standards, two of them agreed to move forward to Committee Draft (CD) status. They are: 27031 – ICT Readiness for Business Continuity; and 27034-1 – Application Security – Overview and Concepts. 27032 – Guidelines for Cybersecurity will stay at WD for another update before going for CD in the next meeting; and 27034 will remain at CD status (i.e., as 2nd CD) for another six month review before moving forward as Final CD (FCD) hopefully in Nov 2009 meeting.

At the meeting, UK also proposed a new project for a guidelines on Redaction, i.e., removal of sensitive data from documents prior to their public disclosure or destruction. The meeting accepted the proposal and a new study period shall convene from the next meeting. UK will be contributing a rapporteur for this work to make sure that there are business requirements for this standard, and there will also be contributions by NBs should the proposal be approved for development.  At this point, the latter is of particular concern since at this meeting, WG 1 has just cancelled a new project (relating to e-Government security) due to lack of NB contributions, despite prior voted agreement by NBs of requirements for such a standard. The economic downturn and H1N1 flu virus pandemic, and for that matter, frequent natural disasters around the globe have also raised concerns about NB participations in meetings, and it is therefore even more critical to make sure that scare resources in SC 27 are focusing on developing standards that are of high demands and that NBs are willing to participate and contribute towards such developments.

Besides the meeting, there was a special gala dinner organized by the Chinese NB at the Summer Palace, with live performance of Chinese folk dances, martial arts, and classical music instrumentals. On the last day of the meeting, the usual half-day security standards seminar was held, whereby the work of SC 27 and the respective WG were presented.


Written by mengchow

June 20, 2009 at 4:10 pm

Posted in Security Standards

%d bloggers like this: