The InfoSec Blog

The real reasons for documentation – and how much

Posted by Anton Aylward

he documentation required and/or needed by ISO-2700x is a perenial source of dispute in the various forums I subscribe to.

Of course management has to define matters such as scope and applicability and the policies, but how much of the detail of getting there needs to be recorded?  How much of the justification for the decisions?

Yes, you could have reviews and summaries of all meetings and email exchanges ..

But that is not and has nothing to do with the standard or its requirements.

The standard does NOT require a management review meeting.

Economic Impact: Patent trolls chase app developers out of the U.S

Posted by Anton Aylward

The Debt ceiling crisis will pass; even if there is a crash, the USA can recover from it ...

IF its core economic worth, that is its industrial productivity, is unharmed.

There are a number of ways this can be harmed, poor credit rating among them, lack of availability for investments.