1. Will the organization be providing training on what it means to achieve the objectives in the code? (A: seems to be an emerging consensus towards yes) 2. Are there any responsibilities to maintain compliance metrics such as David C's experience with the Athena Swan award process? (A: haven't heard anyone say yes to this) 3. Have we considered the CISSP / ISC2 Code of Ethics https://www.isc2.org/ethics/default.aspx ? (A: at least one reviewer did look at that one yes)
Normally I'm silent on saying I won't make the call but I'm the one that
brought up the CISSP Code and won't be there and welcome dialogue on this in
order for it to 'be considered'.
In a nutshell, my perception is there's a lot of 'be a good human being and
be professional to each other' in the IDPro code and to me that's a given.
(if it isn't, that's a problem in a bigger context, not just in this one)
If that¹s a given, what is *SPECIFIC* to an Identity expert that is
distinguishing and something that people can rally around? Will we resonate
with people and hear them say 'Yeah, I support that' or 'Yeah, that's what I
do around identity!' and 'I want to associate myself with this group because
I subscribe to their
approach/doctrine/techniques/mission/vision/values/goals/etc'.
To me things can distill down to focus. CISSP is a/has a broad surface of
security and associated principles which can include identity and best
practices topics whereas an identity expert is that but as applied in the
identity space with more focus on principles around identity and their
application. An IDPro can be at least minimally a capable CISSP, but more
specialized in the identity space.
I hope these thoughts make sense let me know if I'm off the mark as I
currently don't have access to the wiki
As always, thoughts welcome..
Chris.
From:
1. Be more vague about the completeness of enumerated lists. 2. Be more explicit about "do no harm"
1. Q: What does harm mean?
Looking forward to the call!
-
Scott
From: