By EDWARD CARBUTT, executive director at Marval Africa
The looming Protection of Personal Information (PoPI) Act in South Africa and the introduction of the General Data Protection Regulation (GDPR) in the European Union (EU) have brought information security to the fore for many organisations. This, in addition to the ISO 27001 standard that needs to be adhered to in order to assist the protection of information, has caused organisations to scramble to ensure their information security measures are in line with regulatory requirements.
However, few businesses know or realise that if they are already ISO 20000 certified and follow Information Technology Infrastructure Library (ITIL) best practices, they are effectively positioning themselves with other regulatory standards such as ISO 27001. In doing so, organisations are able to decrease the effort and time taken to adhere to the policies of this security standard.
ISO 20000, ITSM and ITIL – Where does ISO 27001 fit in?
ISO 20000 is the international standard for IT service management (ITSM) and reflects a business’s ability to adhere to best practice guidelines contained within the ITIL frameworks.
ISO 20000 is process-based and tackles many of the same topics as ISO 27001, such as incident management, problem management, change control and risk management. It’s therefore clear that if security forms part of ITSM’s outcomes, it should already be taken care of. So, why aren’t more businesses looking towards ISO 20000 to assist them in becoming ISO 27001 compliant?
The link to information security compliance
Information security management is a process that runs across the ITIL service life cycle interacting with all other processes in the framework. It is one of the key aspects of the ‘warranty of the service’, managed within the Service Level Agreement (SLA). The focus is ensuring that the quality of services produces the desired business value.
So, how are these standards different?
Even though ISO 20000 and ISO 27001 have many similarities and elements in common, there are still many differences. Organisations should take cognisance that ISO 20000 considers risk as one of the building elements of ITSM, but the standard is still service-based. Conversely, ISO 27001 is completely risk management-based and has risk management at its foundation, whereas ISO 20000 encompasses much more.
Why ISO 20000?
Organisations should ask themselves how they will derive value from ISO 20000. In short, the ISO 20000 certification gives ITIL ‘teeth’. ITIL is not prescriptive, and it is difficult to maintain momentum without adequate governance controls; ISO 20000, however, is prescriptive. ITIL does not insist on continual service improvement – ISO 20000 does. In addition, ITIL does not insist on evidence to prove quality and progress – ISO 20000 does. ITIL is not being demanded by business – governance controls, auditability and agility are. This certification verifies an organisation’s ability to deliver ITSM within ITIL standards.
Ensuring ISO 20000 compliance provides peace of mind and shortens the journey to achieving other certifications, such as ISO 27001 compliance.
Jaguar drives dictionary definition
Jaguar is calling for the Oxford English Dictionary and Oxford Dictionaries to update their online definition of the word ‘car’
Jaguar is spearheading a campaign for the Oxford English Dictionary (OED) and Oxford Dictionaries (OxfordDictionaries.com) to change their official online definitions of the word ‘car’.
The I-PACE, Jaguar’s all-electric performance SUV, is the 2019 World Car of the Year and European Car of the Year. However, strictly speaking, the zero-emission vehicle isn’t defined as a car.
The OED, the principal historical dictionary of the English language, defines a ‘car’ in its online dictionary as: ‘a road vehicle powered by a motor (usually an internal combustion engine) designed to carry a driver and a small number of passengers, and usually having two front and two rear wheels, esp. for private, commercial, or leisure use’.
The current definition of a ‘car’ on OxfordDictionaries.com, a collection of dictionary websites produced by Oxford University Press (OUP), the publishing house of the University of Oxford, is: ‘A road vehicle, typically with four wheels, powered by an internal combustion engine and able to carry a small number of people.’
To remedy the situation, Jaguar has submitted a formal application to the OED and OxfordDictionaries.com to have the definitions updated to include additional powertrains, including electric vehicles (EV).
David Browne, head of Jaguar Land Rover’s naming committee, said: “A lot of time and thought is put into the name of any new vehicle or technology to ensure it is consumer friendly, so it’s surprising to see that the definition of the car is a little outdated. We are therefore inviting the Oxford English Dictionary and the Oxford Dictionaries to update its online classification to reflect the shift from traditional internal combustion engines (ICE) towards more sustainable powertrains.”
The Oxford English Dictionary is widely regarded as the accepted authority on the English language. It is an unsurpassed guide to the meaning, history, and pronunciation of 600,000 words – past and present – from across the English-speaking world.
Jaguar unveiled the I-PACE, its first all-electric vehicle, last year to deliver sustainable sports car performance, next-generation artificial intelligence (AI) technology and five-seat SUV practicality.
Featuring a state-of-the-art 90kWh lithium-ion battery, two Jaguar-designed motors and a bespoke aluminium structure, the I-PACE is capable of 0-100km/h in 4.8 seconds and a range of up to 470km (WLTP).
While both the Oxford English Dictionary and Oxford Dictionaries review the application, Jaguar is encouraging people to get behind the campaign by asking how the word ‘car’ should be defined. Contact Jaguar on Twitter, Facebook and Instagram using #RedefineTheCar with your thoughts.
How Internet blocks visually impaired
A pervasive “digital divide” inhibits blind people from accessing the Internet, according to a study conducted by Nucleus Research for Deque Systems, an accessibility software company specialising in digital equality. This results in visits to websites being abandoned, further resulting in a missed market opportunity for the websites in question.
The study, which conducted in-depth interviews with 73 U.S. adults who are blind or have severe visual impairments, revealed that two-thirds of the Internet transactions initiated by people with vision impairments end in abandonment because the websites they visit aren’t accessible enough. Ninety percent of those surveyed said they regularly call a site’s customer service to report inaccessibility and have no choice but to visit another, more accessible site to make the transaction.
The Nucleus study also scanned hundreds of websites in the e-commerce, news and information and government categories and found that 70 percent had certain “critical blockers” that rendered them inaccessible to visually impaired users.
“Besides the moral dilemma and legal risk, businesses with inaccessible websites are missing a huge revenue opportunity by ignoring an untapped market,” says Preety Kumar, CEO of Deque Systems. “Among internet retailers specifically, two-thirds of the top ten online retailers had serious accessibility issues, meaning they are leaving $6.9 billion in potential North American e-commerce revenues on the table.”
Web accessibility refers to the ability of people with disabilities to independently gather information, complete transactions, or communicate on the Internet. Most visually impaired Internet users rely on assistive technologies like screen readers or screen magnifiers to render sites perceivable and operable. However, these assistive technologies require that websites be built with accessibility in mind and optimized to interface with assistive technology, in order to convey information in an accurate and understandable manner.
Critical accessibility blockers can vary across industries. In e-commerce, problems include issues like missing form and button labels (thereby making forms or the “checkout” button invisible without context). Amazon, Best Buy and Target were found to be accessibility leaders in this space. Additionally, the study found:
- Eight out of ten news sites had significant accessibility issues.
- Seven out of ten blind persons reported being unable to access information and services through government websites, including Medicare’s site.
- Fewer than one in three websites have clear contact information or instructions for blind persons to seek help if they encounter accessibility issues, meaning many have low levels of success in reporting and solving these problems.
“A focus on accessibility needs to be a core part of the website design and development process,” continues Kumar. “Considering accessibility as early as the conception phase, and proactively building and testing sites for accessibility as they move towards production, is significantly more effective than remediating it later, helping organizations save significant time and resources while avoiding unnecessary customer grievances.”
To download the report, visit: https://accessibility.deque.com/nucleus-accessibility-research-2019