One of the other nominees in the ComputerWeekly.com blog awards which I mentioned last week was Philip Virgo of EURIM... though, as a ComputerWeekly-hosted contributor he's not eligible to progress beyond nomination :^(
Philip's latest post, here ("How do we rebuild trust in the online world?"), does a great job of looking across the wide range of government-related documents I referred to in last Thursday's post, and draws the conclusion that it's no longer any good just maintaining a narrow focus on information security. It's time for the harder bit - principles of information assurance and information governance need to be put into practice across the board.
With that in mind, the recent publication by the Liberty Alliance of the public draft on its Identity Assurance Framework and the Identity Governance Framework released a year ago can only increase in relevance. The Identity Governance Framework allows organisations to set their information management processes in the context of applicable legislative control (such as the European Data Protection Directive, Sarbanes Oxley, HIPAA and the like). The Identity Assurance Framework is there to establish a set of baseline policies, business rules, and commercial terms against which any identity assurance services - whether in the commercial or public sector - can be assessed.
The Liberty e-Government SIG is also in play, well placed to ensure that these frameworks cater adequately for the specific needs of public sector organisations.
![[RSS Newsfeed]](/themes/sotto/images/valid-rss.png)
![[This is a Roller site]](/themes/sotto/images/roller-logo.gif){kind=logo}