August 8


Open Source Information Security Risk Management – can it be?

Hopefully it is clear by my efforts that I am supportive of community driven approaches to defining and improving information security. One of our loyal catalysts (hat tip to Bill) pointed out the The Security Officers Management and Analysis Project (

I am not yet familiar with this effort, but plan to spend some time reviewing the website when I get back from another “Effective Assurance in IT Operations” workshop (sometime next week). I spent a few minutes checking the link and reviewing the effort – and it seems solid and is something I am looking forward to checking back into.
I’m curious to learn what you think of this site, the information and ideas and suggestions on how you think we can contribute and make a difference… leave some comments or send me an email:


You may also like

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Tired of feeling defeated on Friday?

Where the stack of work to get done is bigger than what got finished. You dread next week before the weekend even begins.

It doesn’t have to be this way.