By Gerard Blokdyk

ISO 38500

1 big thing: Develop and implement information security risk reporting for management teams and governance committees.

The big picture: Ensure the development, implementation and oversight of a Third Party Risk governance structure under which vendors that expose the organization to compliance, credit, information security, offshore, operational, reputational or strategic risk adhere to appropriate controls.

Why it matters: Ensure that your operation sits on the Data Governance Executive Board and is a key contributor to the Data Management and Governance initiatives and programs, supporting them to successful completion.

Yes, but: Partner with engineering to maintain a common data model across service providers and facilitate API integrations across both internal and 3rd party applications/tools.

What to watch: Work with business partners and information governance stakeholders to assess and coordinate the resolution of data integrity issues and gaps in order to implement timely remediation with contributor.

State of play: Be confident that your strategy directs solution architecture effort in terms of quality, timeliness, and compliance with requirements and expectations, with minimal or no disruption to IT operations.

What they’re saying: “Meet regularly with the (internal) client accounts manager and other department staff to promote efficiency and effectiveness in department operations and results obtained.” Principal/Staff Software Engineer (Device Software) – IoT Devices

Go deeper: Be confident that your company designs and undertakes complex management studies, initiatives, or data gathering efforts, to provide information that assists management in Online Services program areas, improve program delivery, and identify actual or potential problem areas impacting program operations and (internal) customer involvement in the short and long term.

On the flip side: Define and communicate enterprise information security requirements, procedures, policies, and standards for acquiring, implementing, and operating new security systems, equipment, software, and other technologies.

Under the hood: Ensure that your company has knowledge of and involvement in multiple Information Security domains, such as security monitoring, threat intelligence, network security, data security, endpoint security, technical security assessments and security architecture.


Get the ISO 38500 Kanban: Top ISO 38500 Must Haves

Learn the Top Emerging ISO 38500 Risks HERE: store.theartofservice.com/ISO-38500-critical-capabilities/


Top thinkers are using The Art of Service Kanbans, the Kanbans that are helping leaders stay ahead of what’s next.

This Kanban will help you plan your roadmap. The ISO 38500 Kanban enables leaders to shortlist hundreds of appropriate results, already prioritized.


How it works: Verify that your design manages and delivers security-related tooling and infrastructure projects, including identity access management, endpoint security, network monitoring, security information and event management (SIEM) platforms, and zero trust.

The bottom line: Apply and execute the appropriate systems engineering, program protection and certification-related policies, principles, and practices across all levels and phases of the development lifecycle to increase the level of confidence that a system functions as intended, is free from exploitable vulnerabilities, and protects critical program functions and information.

What’s next: Check that your strategy is helping to ensure the risk management processes align with Business and Information Security objectives while ensuring policy and process compliance.

ICYMI: Connect Centric specializes in helping your overarching agency (internal) customers deploy new or improve existing contact centers through comprehensive support services, including governance, (internal) customer experience, technology, and operations and maintenance.


Trusted by: FirstEnergy Corp, AE Stategies, LendingPoint, LLC, kraken, IBM, Micron Technology, IDC, CapB InfoteK, Mastery Logistics Systems, Inc., Accenture, McKesson, LumApps, Honeywell, Avery Dennison, Audible, Fidelity Investments, Olathe Public Schools, Amex, Emory University, Kajeet, Inc., Aruba Networks, Volkswagen Group of America, MasterBrand Cabinets Inc., Platform Science, Autonomic, Medtronic, NextEra Energy, Tesla, Novetta, Sirqul, Inc, Kwik Trip Inc, Particle, Rivian Automotive, Watts Water Technologies, Signify, Martin Engineering, TalentWerx, Terumo Medical Corporation, PepsiCo, Microsoft, Delta Faucet Company, Amazon.com Services LLC, Siemens, SunPower, Johnson Controls, Cummins Inc., BrightInsight, Losant, Pall, Allegion, Spireon, Lumin, Insight Enterprises, Inc., Alarm.com, Vodafone, Rad Power Bikes, Axon, ENEL, Schneider Electric, Precision Fermentation, Deeplocal Inc., Harbor Industries, Inc., Samsara, Ayla Networks, Prime Vision, Walmart, Xerox
