[LINK] Security Standards

[Roger Clarke]

ODCA's security assurance provider usage model at
http://www.opendatacenteralliance.org/document-sections/category/71-docs?download=437%3Aprovider-assurance

ranks security at the following levels:
-  platinum (military grade)
-   gold (financial services grade)
-   silver (enterprise grade)
-   bronze (standard grade)

But surely we need a comprehensive set, including
-   tin
-   plastic
-   ply-wood
-   toilet-paper

Then again, given that the 'malicious insider' risk is only protected 
at platinum level, maybe it would be better to substitute my terms 
for the ODCA's terms?


-- 
Roger Clarke                                 http://www.rogerclarke.com/
			            
Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                    Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/

Visiting Professor in the Faculty of Law               University of NSW
Visiting Professor in Computer Science    Australian National University