Dear Open Group Members,
I hereby announce the Company Review of the following Open Group Guide with The Open Group Security Forum as sponsor of the review:
Integrating Risk and Security within a TOGAF® Enterprise Architecture
This document is an Open Group Guide addressing how to integrate considerations of security and risk into an Enterprise Architecture. It provides guidance for security practitioners and Enterprise Architects who need to work with TOGAF, an Open Group Standard, to develop an Enterprise Architecture. It has been developed and approved by The Open Group Security Forum.
Integrating security and risk management in Enterprise Architecture strongly supports The Open Group vision of Boundaryless Information Flow™, by informing well-justified design decisions, which maximize business opportunity whilst minimizing business risk.
This Guide is structured as follows:
• Chapter 1 provides a high-level introduction to this Guide, introducing the topic of Enterprise Security Architecture, how it relates to Enterprise Architecture, and how this Guide supports the TOGAF standard.
• Chapter 2 describes the relationship with other IT security and risk standards.
• Chapter 3 describes the concept of Enterprise Security Architecture in detail. It describes Information Security Management (ISM) and Enterprise Risk Management (ERM), two processes used by Security Architects.
• Chapter 4 describes Security Architecture, which is a cross-cutting concern, pervasive through the whole Enterprise Architecture.
• Chapter 5 explains in detail the core security concepts and how they can be applied for each phase of the TOGAF ADM.
The intended audience for this Guide is as follows:
• Enterprise Architects, Security Architects
The review will commence on August 17, 2015 and end on September 14, 2015.
The (commenting but not balloting) review group will be The Open Group Security Forum, plus other forums, work groups and interested parties from The Open Group membership.
The recommendation formulating change request review group will be The Open Group Security Forum.
The balloting group consists of the members of The Open Group Security Forum.
Ballot resolution will be against the proposed resolutions put forward by the sponsor.
For the benefit of those unfamiliar with The Open Group Standards Process Company Review, it is a formal process by which a document is approved for publication by The Open Group. You are invited to review and submit proposed changes ("Change Requests - CR") that would make the document acceptable to you. A formal ballot then decides which changes are accepted.
For more information on The Open Group Standards Process see: http://www.opengroup.org/standardsprocess/standards-dev.html
How to Participate
The Current PDF is located at: https://collaboration.opengroup.org/review-support/protected/documents.php?action=show&dcat=&gdid=33470
The PDF version is for your early access in preparation for the Company Review.
There you will see document titled: Integrating Risk and Security within a TOGAF® Enterprise Architecture
Click on the HTM file. That will bring up the Tagged document into which you will enter your Change Requests.
Or, you can use this URL with a link directly to the review document: https://collaboration.opengroup.org/doc-review/protected/revdocuments.php?grid=3655&action=launch
Click on the tag where you want to add your Change Request
Fill all areas (click on HELP if additional information is necessary)
When viewing the HTM/tagged file there are some links at the top of the page that you should be aware of:
“Help with Document Review” – provides you with excellent and detailed help instructions on entering and editing CRs
“Comments” – provides a table with the existing comments from all reviewers so you can see them in real-time.
CRs should be submitted using the online review system and must be received by the closing date. You will be asked to supply your Open Group ID and password to access the review site and materials.
If you have forgotten your id and/or password, you can request assistance at: http://www.opengroup.org/forgottenusername or http://www.opengroup.org/forgottenpassword, respectively.
The timetable for this review is as follows:
8/11/15 - Announce Company Review
8/11/15 - All review materials must be posted
8/17/15 - Review Opens
9/14/15 - Review Closes
9/18/15-9/25/15 -Convene teleconferences to propose resolutions
9/29/15 - Ballot Opens
10/6/15 - Ballot Closes
10/9/15 - Sanity Review Opens
10/16/15 - Sanity Review Closes
10/19/15 Executive Management Team Approval
PROCEDURE for Resolving CRs submitted during Company Review:
1. All requests for modifications must be the subject of formal change requests. They should be submitted via the web interface described above.
2. Immediately after being received from the sponsor, proposals recommending how each submitted change should be handled shall be circulated to the review group, together with a ballot table.
3. ALL members entitled to vote shall vote by electronic mail via the ballot group alias on EVERY submitted proposal within the agreed period. The ballot results shall be circulated immediately after the end of the ballot period.
4. Further discussion of the unresolved change requests during an agreed period may occur for an agreed limited period to seek a clear majority decision. Eventually, only changes that achieve 75% approval will be accepted.
5. The sponsor will announce the outcome of the vote.
You can use the link below to unsubscribe/subscribe (maintain your own account) yourself to specific Forums or workgroup mail lists:
If you wish to be removed from all Open Group Communications please place a ticket/request into the help desk here: https://help.opengroup.org/home
Please select the Membership category and we will have you removed.