Mehhh Practice


This appeared:

Nicely summing up a widespread complaint. E.g., against ISO 2700x. One should be forbidden to call those ‘Best’, as they are average, at best.
Because they’re adopted by the ones with no imagination of their own, so implementations will fall short of average, thus en masse lowering the average even further.

And Best has never been Best in the first place. ’Twas a compromise, as it had to cover so much, over so many contributors, at its inception already. Remember, BS7799 ..!? And on and on in review rounds, committees decided over changes. A camel is a horse designed by a committee. And it all had to be applicable to as many industries as you can dream up. Another flattener par excellence. Standards work where there is little variation required. Here, much variation, tailoring to each and every implementation over and over again, is a prerequisite for any success. I might continue.

Luckily for you, the new ISO27001:2013 of last October is a huge improvement… To the panic of the knights of busywork, one can no longer rely on following the herd as described, prescribed, because, at last, the prescription tends to Use Your Own Brain. Principle-based at last ..! For some elements. Tuning required, not by the (C)ISO (office) (only), but by the Business itself. Oh dear! The implementation efforts… Consultants’ dreams.

Well, get the lowdown of this, from experts [disclaimer: don’t own anything of them]. Just wanted to post the tweet and my take on it.


About maverisk

Maverisk Consultancy, IS Audit and Advisory services: Wikinomics meets governance and audit; otherwise, see my personal LinkedIn profile