Regulations, Policies and Legal Frameworks Related to Ict: International Management Standards for Ict Development in the Greater Mekong Subregion

Contents......Page 6
Foreword......Page 4
Abbreviations......Page 14
PART ONE – REPORT OF GMS/REGIONAL WORKSHOP ON THE PROMOTION OF INTERNATIONAL MANAGEMENT STANDARDS FOR ICT DEVELOPMENT......Page 16
I. ORGANIZATION OF THE WORKSHOP......Page 18
II. PRESENTATIONS BY THE RESOURCE PERSONS......Page 21
III. COUNTRY PRESENTATIONS ON CURRENT STATUS, INITIATIVES UNDERWAY AND FUTURE GOALS......Page 31
IV. CONCLUSIONS AND RECOMMENDATIONS......Page 40
I. List of participants......Page 44
II. Programme......Page 48
PART TWO – ISO 9000 PROCESS MODEL FOR CONVERGENCE OF MANAGEMENT SYSTEMS FOR ECONOMY AND EFFICIENCY IN THE IT INDUSTRY......Page 50
II. QUALITY A MOVING TARGET IN ICT SECTOR......Page 52
III. PROCESS APPROACH......Page 53
IV. ISO 9001:2000 A PROCESS MODEL......Page 54
V. ISO 9000 AS DRIVER FOR PROCESS MANAGEMENT......Page 55
VI. HARMONIZATION STANDARDS AND CERTIFICATION SYSTEM......Page 56
VII. HARMONIZATION OF STANDARDS – ROLE OF TRADE AGREEMENTS......Page 57
VIII. HARMONIZATION PROCESS OF STANDARDS – CONCEPT OF 1-1-1......Page 58
A. Genesis......Page 62
B. Application of ISO 9000 in hardware and software ICT industry......Page 64
C. Integration of management systems for economy and efficiency......Page 87
D. Status of international standardization in ICT sector......Page 93
E. International software engineering standards......Page 95
F. International information security management systems standards......Page 97
G. Conclusions......Page 98
I. International standards on software and system engineering......Page 100
II. International standards on IT security techniques......Page 104
PART THREE – CAPABILITY MATURITY MODEL (CMM) – USHERING IN THE CULTURE OF SOFTWARE ENGINEERING FOR DEFECT-FREE AND SECURE IT…......Page 108
I. INTRODUCTION......Page 110
II. SECTION I JUSTIFYING THE NEED FOR PROCESS IMPROVEMENT......Page 111
III. SECTION II THE SOFTWARE CAPABILITY MATURITY MODEL (SW-CMM)......Page 117
IV. SECTION III REAPING THE BENEFITS OF CMM/CMMI BASED PROCESS IMPROVEMENT......Page 143
PART FOUR – INFORMATION SECURITY – ISO 17799:2000 FOR SURVIVAL AND BUSINESS CONTINUITY......Page 166
A. Status of information security......Page 168
B. Information security management standards......Page 176
C. Management of risk and business continuity......Page 189
D. Ecosystem for survival......Page 198
E. Case study......Page 208
I. Information security management system terms and definitions......Page 213
II. GMS/regional workshop on the promotion of international management standards for ICT development (17-19 August 2004) BS 7799 – Information security management…......Page 216
PART FIVE – APPLICATION OF ISO 9001:2000 IN THE ICT INDUSTRY......Page 218
I. INTRODUCTION......Page 220
II. APPLICATIONS OF ISO 9001:2000 IN SOFTWARE INDUSTRY......Page 221
III. ISO 9001 REQUIREMENTS......Page 222
IV. IMPLEMENTATION OF ISO 9001......Page 231
V. CONCLUSIONS......Page 232
PART SIX – APPLICATION OF CMM IN THE ICT INDUSTRY......Page 234
PRESENTATION......Page 236
PART SEVEN – RISK ANALYSIS/MANAGEMENT FOR INFORMATION ASSETS FOR INTRODUCING SECURITY MANAGEMENT SYSTEMS......Page 256
PRESENTATION......Page 258
PART EIGHT – CASE STUDY 01 ON IMPLEMENTATION OF ISO 9001:2000 IN THE ICT INDUSTRY......Page 270
I. INTRODUCTION......Page 272
II. TEN COMMANDMENTS FOR ISO 9001 IMPLEMENTATION IN SOFTWARE INDUSTRY......Page 273
III. IMPLEMENTATION OF ISO 9001:2000 IN ICT INDUSTRY – A CASE STUDY......Page 280
PART NINE – CASE STUDY 02 ON IMPLEMENTATION OF CMM IN THE ICT INDUSTRY......Page 282
PRESENTATION......Page 284
PART TEN – CASE STUDY 03 ON IMPLEMENTATION OF ISO 17799:2000 IN THE ICT INDUSTRY......Page 304
PRESENTATION......Page 306