March, 2003 Newsletter Articles

Techniques to Detect Intrusions in Computer Systems

Mar 20, 2003 in Newsletter | 0 comments

A framework for the detection of intrusions in computer systems and networks is contained in a new ISO technical report, ISO/TR 15947, Information Technology – Security Techniques – IT Intrusion Detection Framework. The document focuses on the security principles behind the intrusion of computer systems by outsiders or trusted employees, and how organizations can establish a framework to enable a comprehensive intrusion detection system. “One of the problems that businesses have is being able to detect when their systems are being...

Index for ISO 9001:2000 Terms

Mar 20, 2003 in Newsletter | 0 comments

Have you ever struggled to locate a particular term in ISO 9001:2000? For example, you know “outsource” is addressed in the standard, but you may not recall where to find it. Well, I have created an index for more than 300 terms used in ISO 9001:2000. The index includes the pages and clauses for each term. For example, Outsource (or Outsourced) is mentioned on page 2 (4.1, 4.1). The entry “4.1” is repeated twice in the index since the term appears twice in clause 4.1. You can find Quality Policy on page 2...

Toughest ISO 9001:2000 Requirements (7.3.1)

Mar 20, 2003 in Newsletter | 0 comments

Manufacturing companies with design responsibility will likely have an established design and development process. However, clause 7.3 may be a tough new requirement for many service organizations. The transition document, Guidance on ISO 9001:2001 – Clause 1.2 Application, states “Design and development has traditionally tended to focus on tangible products, but is equally applicable where the product of an organization is a service”. In addition, ISO 9001:2000 states that “wherever the term “product”...

Toughest ISO 9001:2000 Requirements (6.3)

Mar 20, 2003 in Newsletter | 0 comments

In the December, 2003 newsletter, I identified twelve ISO 9001:2000 clauses as the toughest requirements to understand and meet with conforming practices. Clauses 4.1, 5.1, and 5.4.1 were addressed in the past two newsletters. This article picks up with clause 6.3, Infrastructure. The next article in this newsletter deals with clause 7.3.1, Design and Development Planning.

4.1  General Requirements (and 0.2 Process Approach) – article in December, 2002
5.1  Management Commitment – article in January, 2003
5.4.1  Quality...

Guidelines for Confidence and Security in e-Business

Mar 20, 2003 in Newsletter | 0 comments

Guidelines for the management of Trusted Third Party services used to facilitate secure e-business communications are contained in a new ISO technical report, ISO/TR 14516, Information Technology – Security Techniques – Guidelines for the Use and Management of Trusted Third Party Services. The document will enable businesses to identify the type and level of protection required from TTPs and how to use those services to gain customer confidence and increase e-business security. “Concerns about the security of e-business expressed...
