ISO 38500 1 big thing: Safeguard that your team collaborates with business operations to resolve Information Security governance conflicts.

627 words, 2.3 minutes read. By Gerard Blokdyk

ISO 38500 1 big thing: Safeguard that your team collaborates with business operations to resolve Information Security governance conflicts.

The big picture: Ensure you are skilled at building relationships, partnering seamlessly with investment analysts to help them build fluency on ESG issues, and with internal teams such as Investment Group Technology, Engagement, and Governance and Proxy to support their ESG objectives and ensure the effective dissemination of ESG-related information.

Why it matters: Establish that your operation provides technical assistance and security guidance in the areas of information systems and telecommunications to information systems owners, technicians, and general users.

Meanwhile: Support the Information System Security Manager (ISSM), Information System Security Officer (ISSO), and Cybersecurity lead in meeting all RMF documentation, process, policy, risk assessment, testing, and continuous monitoring requirements per the NIST SP-800 series.

State of play: Be confident that your strategy is designing and implementing data protection policies, processes, and procedures to align with GDPR and Information Security policies, especially for cloud-hosted data environments and (internal) customer data handling throughout the development lifecycle.

How it works: Ensure your organization is establishing a roster of qualified experts in information and systems for health with expertise in evaluation and research methods applied to information systems and digital health.

What they’re saying: “Leverage industry best practices to manage and maintain data privacy and security practices in the processing of data and personally identifiable information across information technology and records management systems.“, Senior Hardware Engineer

The backdrop: Ensure you currently engage with a variety of the largest health insurance companies, supporting information and software development organizations and various organization organizations.

Go deeper: Recommend new toolsets, or changes in toolsets, and guide organizational change management upon introduction of new tools, training on existing tools, or changes to views.

What to watch: Be certain that your strategy is involved in driving development of solutions mapping across cloud, devices/sensors, analytics and mobility based offerings to deliver end to end solutions.

Yes, but: Make sure the Chief Information Security Officer serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organizations information security policies.

The bottom line: Make sure your strategy is accountable for risk identification, development and prioritization of sensitive data and information governance policies, strategies and initiatives to meet regulatory, and business requirements.

What’s next: Make headway so that your team is involved in governance with modern environments, Big Data and traditional DW environments supporting Data Governance and master data management principles and techniques.

ICYMI: Secure that your staff leads IT Security Steering Committee, infusing information security governance procedures that foster resiliency, raise awareness, govern policy and review security related activities.

Get started: store.theartofservice.com/ISO-38500-critical-capabilities/

Trusted by: FirstEnergy Corp, AE Stategies, LendingPoint, LLC, kraken, IBM, Micron Technology, IDC, CapB InfoteK, Mastery Logistics Systems, Inc., Accenture, McKesson, LumApps, Honeywell, Avery Dennison, Audible, Fidelity Investments, Olathe Public Schools, Amex, Emory University, Kajeet, Inc., Aruba Networks, Volkswagen Group of America, MasterBrand Cabinets Inc., Platform Science, Autonomic, Medtronic, NextEra Energy, Tesla, Novetta, Sirqul, Inc, Kwik Trip Inc, Particle, Rivian Automotive, Watts Water Technologies, Signify, Martin Engineering, TalentWerx, Terumo Medical Corporation, PepsiCo, Microsoft, Delta Faucet Company, Amazon.com Services LLC, Siemens, SunPower, Johnson Controls, Cummins Inc., BrightInsight, Losant, Pall, Allegion, Spireon, Lumin, Insight Enterprises, Inc., Alarm.com, Vodafone, Rad Power Bikes, Axon, ENEL, Schneider Electric, Precision Fermentation, Deeplocal Inc., Harbor Industries, Inc., Samsara, Ayla Networks, Prime Vision, Walmart, Xerox