July 24, 2014 Meeting Page: Difference between revisions
Jump to navigation
Jump to search
m (2 revisions imported: Initial Upload of old pages from IDESG Wiki) |
(No difference)
|
Latest revision as of 04:02, 28 June 2018
SECURITY COMMITTEE / FUNCTIONAL MODEL MEETING NOTES
Meeting Date: July 24, 2014
Attendees
- Adam Migus
- Ann Racuya-Robbins
- Cathy Tilton
- Christopher Spottiswoode
- Jerry Kickenson
- Mike Garcia
- Paul Grassi
- Robert Faron
- Ryan Galluzzo
- Sal D’Agostino
- Sean Brooks
- Steve Orrin
Meeting Notes
- Notes taken by Adam Migus
- Roll call; Quorum determination
- IPR policy reminder - https://www.idecosystem.org/system/files/filedepot/103/IDESG%20IPR%20Policy.pdf
- Administrative
- Sal chaired the meeting as previously agreed upon because Adam Madlin is away
- Motion to approve 7/10 draft minutes by Adam Migus; seconded by Steve
- Robert pointed out the misspelling of his last name in 7/17 draft minutes.
- Motion to approve 7/17 draft minutes by Robert after correcting the spelling of his name; seconded by Ann
- Attributes Adhoc Group
- Jerry drafted and sent out File:IDESG Attribute Assurance Proposal.docx with a comments matrix sheet
- Meeting was held yesterday but only 3 people attended
- There were some comments; Jerry will update the proposal and send it out
- Jerry and Sal agreed that it should be shared with the chairs
- Jerry proposed a comments deadline of August 18th
- Interaction Model
- Ryan recapped the idea of separating out the interaction model from the functional model
- The requirements meeting had minimal attendance so discussion was deferred to the meeting on Monday
- We will be discussing the requirements and looking for other sources of requirements as input
- Sal reiterated that we are trying to leverage existing controls such as the previously mentioned [Cloud Security Alliance] [Cloud Controls Matrix] which has a mapping of controls across function. We are looking to emulate that approach in that we map controls to our own functional elements.
- Functional Model
- Sal confirmed that we have already agreed to separate out the Interaction Model
- Steve suggested add "requirements" to "policy/rule" under the GRC section
- Ann suggested we add words to indicate that GRC is external to the entity
- Debated the name of the "Business Operations" box
- The consensus was to call it "Administration and Operations"; Steve motioned and Adam Migus seconded
- New business - none
Actions
- Mike to send out an updated version of the document before the next meeting.
Quick Links: Security Committee | Functional Model | Security Committee Meeting Notes | Security Committee Content