One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 1506669 |
| Date de publication | 2020-01-24 08:37:48 (vue: 2020-01-23 20:00:03) |
| Titre | NBlog Jan 24 - information, data, knowledge And All That |
| Texte |  On the ISO27k Forum lately we've been discussing something that comes up repeatedly, a zombie topic you could say since the discussion is never really settled to everyone's complete satisfaction. There's always more to say.The discussion concerns the disarmingly simple phrase "information asset", used in some but no longer defined in any of the ISO27k standards. Among other things, we've discussed whether people/workers can be classed as information assets, hence information risks associated with people potentially fall within scope of an ISO27k ISMS.Yesterday, Mat said:"Knowledge is generally broken down into three different types - explicit, implicit, and tacit. When we are talking about classing employees as an asset or simply treating the information that they know as an asset, I think maybe this can be broken down further using these different knowledge types. Explicit knowledge is knowledge that is easily transferable, can be recorded and stored. Things like standard work instructions, guides, procedures, policies. Due to the nature of this information, it seems obvious to class the information itself as the asset here - you can mitigate the risk of information loss simply by recording the information. Implicit knowledge is the practical application of explicit knowledge. This can include knowing your way around a particular security product, or a particular piece of equipment. This type of knowledge is difficult to record, however, things like best practices are the best attempt although it's difficult to include the entire background knowledge of the best practice. Due to this, loss of this information is difficult to completely mitigate, and hence, I think the employee here could be classed as the information asset. The best mitigation is to keep the employee. Tacit knowledge is the practical application of implicit knowledge. Examples of this are knowing not only a particu |
| Envoyé | Oui |
| Condensat | 1991 able about accelerator accounting accumulates accurate actions advisor advisors after again all already although always among animals any appear application apply approach are around art articles ask aspects asset assets associated attempt audio author available away back background bank because becoming been being believe best better bigger bits blog bloggings bloody book books both brace brains brakes brawn breakdown breakdown:their broader broken brought business but but” call can capabilities capacity capture captured capturing card certain;their certainly challenged challengedanalysedexpanded change chess choice circling clapping class classed classing code colleagues comes communicated complete completely complex comprehension comprehensive computer concepts conceptual concerns concert confidentiality consciously contemplating content context contexts contractors contracts conversations cooperate cooperating could courses creative crust cut damaged damaged/modified data debating decades decided decision decisions defies defined deliberately deploy described destroyed details diagrams different difficult directly disarmingly disclose disclosed disclosure discussed discussing discussion disk distinguish document documentation don doodles down drawn due during earn easily easily:storedcommunicated/passed easy editors effort efforts else elsewhere emails employee employees encouraged enjoy enough entire ephemeral ephemerally equipment especially etc even everyone examples expanding experience expertise explained explicit exploit exploited express expressed expressing extraordinary failing fall far feed fits foot forcible form formally forum frameworks free from further furthermore gain garbled gary gears general generally generic/simplistic gently get give given google got grand grasp groaning guided guides gurus gymnast had hand hard harder harvard has have having head hence here hidden higher highly history how however ideas illness impact implications implicit importantly impossible inappropriatelysubmerged incarceration incidents inclination include includes including inconsequential individuals information infrastructure inherent inherently innate inside instruction instructions intangible integrity intellectual interesting internalized interrelate inventions invest investing investments isms iso27k issues its itself jan just keep keeping know knowing knowledge lasting lately laws lawyer leaders learning learnt least leave leaves led less life like line link little locked long longer looked loss lot make makes making manager managing manner master mat may maybe means media mental meta might mis misinterpreted missed missing misunderstood mitigate mitigation more most motivated much must muttered myself narrow nature nblog neat need needed;their neither never new nodding nor not now nurtured observed obvious obviously oddly off offer olympic once only opportunities optimal order organise organization other others out over own paid parachute/anchor part particular particularly partly parts passing patterns peace peers people people/workers perhaps permanently person pets phrase physical picked picture piece pirated plagiarized plain point policies pondering poorer possession possibly potentially practical practice practices precision presentations presently prevent procedures proceedings process product program properties property provided purposesdisputed pushed qualified question quickly rambling rarely reach real really reasonable record recorded recording recordings refined reluctant repeatedly reports requiring resent resources return returns review rewarded risk riskier risks said said: sales same satisfaction say scope secondly secure security seems seldom send sense settled several shaking should shouting simple simplification simply since skills slack slam small some somehow someone something sound sources specifically standard standards start stated statutes stay step stolen stop storage stored stress struggling stuff sub substantial such suffering sufficient surely suspect tacit take talking taught |
| Tags | Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.