ISO 28000: Supply Chain Security Management
14 July 2009
The modern supply network is very complex, covering many
suppliers, mode of transport and different countries. As result of
this complexity, the need for varied services such as
environmental protection, social responsibility, supply chain
security, product safety and quality constantly increases.
Globally, products worth tens of billion dollars go missing during
transportation each year, dramatically highlighting the need for
security supply chain. ISO 28000 series focuses on over all
security of the organization supply chain, acting as umbrella
standard that incorporates the requirements of all major
international supply chain security initiatives. It integrates both
the process based approach and ‘Plan Do Check Act’ model.
|
The Way of Wellness: The Path to a Healthy, Happy and Balanced Life
17 July 2009
This One Day Stress Management and Wellness workshop is a holistic and interactive program designed to cultivate better health and well being through easy lifestyle changes. Using educational and entertaining techniques, this program is geared towards working professionals experiencing burn out and stress from juggling multiple responsibilities. Topics covered will range from practical relaxation exercises (simple yoga and meditation), diet and exercise tips, principles of creative leadership to a more involved analysis of self, habits and actions and how to draw on this to maximize our full potential at work and at home.
|
ISO 27001: Information Security Management System
21 August 2009
ISO 27001 formally specifies a management system that is intended to bring information security under explicit management control. Being a formal specification means that it mandates specific requirements. Organizations that claim to have adopted ISO 27001 can therefore be formally audited and certified compliant with the standard.
Most organizations have a number of information security controls. Without an ISMS however, the controls tend to be somewhat disorganized and disjointed, having been implemented often as point solutions to specific situations or simply as a matter of convention. Maturity models typically refer to this stage as "ad hoc". The security controls in operation typically address certain aspects of IT or data security, specifically, leaving non-IT information assets (such as paperwork and proprietary knowledge) less well protected on the whole. Business continuity planning and physical security, for example, may be managed quite independently of IT or information security while Human Resources practices may make little reference to the need to define and assign information security roles and responsibilities throughout the organization.
|
|
