From mark at curphey.com Sat Jul 3 15:15:44 2004 From: mark at curphey.com (Mark Curphey) Date: Sat, 3 Jul 2004 15:15:44 -0400 Subject: [Owasp-iso17799] RE: ISO 17799 Project Status In-Reply-To: Message-ID: <200407031915.PAA08817@valiant.cnchost.com> I can send anyone the instructions to edit the xml for the project page if interested (hint, hint) ;-) -----Original Message----- From: Stan Guzik [mailto:stanguzik at yahoo.com] Sent: Friday, July 02, 2004 6:43 PM To: stanguzik at yahoo.com Subject: ISO 17799 Project Status Hello Everyone, I would like to welcome the new members to our project group. It was nice to meet some of you at OWASP AppSec 2004. Based on the feedback from the conference there is a tremendous interest in this project. Currently we have 29 members subscribed to this list. I haven't received any items from some of the members that have items assigned from months ago. I understand that work and family comes before an open source project and some of your priorities have changed. Therefore I would like to open up the project plan to all new and old members of the group. Please volunteer for any items that are marked open in the attached Excel spreadsheet. I'm working on getting the document into SourceForge CVS. Steven Rebello has volunteered to organize the document into a consistent look and feel. All the documentation is attached in the zip file. ISO17799OutlineV2.doc is the main document. Thanks Steven. Below is a description of the project for the new members: The first version of the document focuses on operations of a secure web application in production. This is basically the creation of policies and procedure for everyday management of systems in production. We are creating form templates based on the 17799 standard that will help organizations implement the standard. Management can use these form templates to document their operational policies/procedures. I know the OWASP website states the project will include designing and developing but it's an old statement that I'll update someday. We are taking a unique approach in creating 17799 templates. I have seen many documents explaining 17799 and how to audit it but I haven't seen a document giving you ready to use templates that you can build upon. This approach reminds me how software developers constantly share and reuse code but I rarely see this in management procedures. Looking forward to seeing volunteers! Thanks, Stan From stanguzik at yahoo.com Tue Jul 6 10:48:52 2004 From: stanguzik at yahoo.com (Stanley Guzik) Date: Tue, 6 Jul 2004 07:48:52 -0700 (PDT) Subject: [Owasp-iso17799] RE: ISO 17799 Project Status In-Reply-To: <200407031915.PAA08817@valiant.cnchost.com> Message-ID: <20040706144852.27996.qmail@web11805.mail.yahoo.com> I'll do it this weekend. I promise! Mark Curphey wrote:I can send anyone the instructions to edit the xml for the project page if interested (hint, hint) ;-) -----Original Message----- From: Stan Guzik [mailto:stanguzik at yahoo.com] Sent: Friday, July 02, 2004 6:43 PM To: stanguzik at yahoo.com Subject: ISO 17799 Project Status Hello Everyone, I would like to welcome the new members to our project group. It was nice to meet some of you at OWASP AppSec 2004. Based on the feedback from the conference there is a tremendous interest in this project. Currently we have 29 members subscribed to this list. I haven't received any items from some of the members that have items assigned from months ago. I understand that work and family comes before an open source project and some of your priorities have changed. Therefore I would like to open up the project plan to all new and old members of the group. Please volunteer for any items that are marked open in the attached Excel spreadsheet. I'm working on getting the document into SourceForge CVS. Steven Rebello has volunteered to organize the document into a consistent look and feel. All the documentation is attached in the zip file. ISO17799OutlineV2.doc is the main document. Thanks Steven. Below is a description of the project for the new members: The first version of the document focuses on operations of a secure web application in production. This is basically the creation of policies and procedure for everyday management of systems in production. We are creating form templates based on the 17799 standard that will help organizations implement the standard. Management can use these form templates to document their operational policies/procedures. I know the OWASP website states the project will include designing and developing but it's an old statement that I'll update someday. We are taking a unique approach in creating 17799 templates. I have seen many documents explaining 17799 and how to audit it but I haven't seen a document giving you ready to use templates that you can build upon. This approach reminds me how software developers constantly share and reuse code but I rarely see this in management procedures. Looking forward to seeing volunteers! Thanks, Stan ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ Owasp-iso17799 mailing list Owasp-iso17799 at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/owasp-iso17799 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.owasp.org/pipermail/owasp-iso17799/attachments/20040706/1b4c5557/attachment.html