About OISSG
Over the past few decades, organizations have increasingly relied on information systems to process data for their essential business functions. Having the information systems in electronic form exposes the business to several security risks. These threats were always present, but having this information in networked systems makes it all the easier for hackers to access the data. Information security risks have also evolved from viruses that spread through floppies to complex worms with denial of service capabilities like Blaster, Sasser, RPC DCOM, Nimda, and Code Red, which have affected numerous organizations.
Network complexity is increasing with connectivity to 3rd parties like suppliers & home workers, which opens up many weaknesses in today's corporate networks. These problems increase exponentially due to inadequate information & lack of awareness. Organizations must invest significant effort to secure themselves from these threats, and information security professionals must keep themselves updated with the latest threats to reduce these risks. An independent and non-profit organization called Open Information System Security Group emerged to inform the community regarding these threats better and equip them with the necessary tools to fight malicious activities.
Vision
OISSG is an independent and non-profit organization with a vision to spread information security awareness by hosting an environment where security enthusiasts from all over the globe share and build knowledge.
Mission
OISSG has identified the following to achieve its vision:
- By writing assurance/testing standards
- By organizing conferences
- By finding software bugs
- By organizing challenges
- By building computer security incident response teams
- By developing multiple channels of communications
- By setting up research labs
- By providing all New Mexico forms and legal PDF templates
Sales and Transfer Documents
The New Mexico bill of sale is a general document used to confirm the transfer of various types of personal property. It provides details of the transaction, such as item description, price, and parties involved.
The New Mexico vehicle bill of sale is a critical document for recording the sale of a car within the state. It captures essential details such as the make, model, year, VIN, and the agreed-upon sale price and includes the buyer's and seller's signatures. This document is necessary for legally transferring ownership and registration at the DMV.
Similarly, the New Mexico trailer bill of sale documents the transaction of a trailer. It lists important information, including the trailer's type, size, identification number, and the sale transaction details. This bill of sale is essential for the trailer's proper registration and legal transfer, ensuring all parties have a transaction record for future reference or legal needs.
The New Mexico firearm bill of sale was created to transfer firearms. It details the make, model, serial number, and buyer and seller information to ensure compliance with state regulations.
Real Estate and Leasing
The New Mexico lease agreement sets forth the terms under which a property is rented, including duration, rent amount, and each party's responsibilities, providing a foundation for the rental relationship.
Landlords use the eviction notice in New Mexico to start the legal process for removing a tenant due to lease violations, such as non-payment or breach of lease conditions. This document outlines the reasons for eviction and the time frame for tenant compliance or vacating.
The quit claim deed in New Mexico is often employed for quick property transfers without warranty. It is commonly used between family members or to settle divorces, simplifying the property transfer process by releasing any owner's interest in the property.
Legal Authorities and Powers of Attorney
A power of attorney in New Mexico enables an individual to appoint someone else to handle their personal, business, or financial responsibilities. This document is crucial for managing affairs during the principal's absence or incapacity.
The New Mexico durable power of attorney extends this arrangement, ensuring that the designated agent's power remains effective even if the principal becomes incapacitated, providing continuity in managing the individual's affairs.
The medical power of attorney in New Mexico allows a person to designate a healthcare agent to make medical decisions, ensuring medical treatments align with their wishes.
Estate Planning and Health Directives
The New Mexico will form allows individuals to outline how their assets should be distributed upon death. This document is essential for estate planning, appointing an executor to carry out the decedent's wishes and manage the estate.
A living will in New Mexico provides directives for medical care in situations where the individual cannot make decisions themselves, such as in cases of terminal illness or incapacitation.
The New Mexico transfer on death deed enables property owners to designate beneficiaries to inherit their real estate upon their death automatically, bypassing the probate process and simplifying the transition of property ownership.
History
To offer guidance and security advice to businesses and government agencies, security professionals must be able to translate their knowledge and experience as value addition to the business. In March 2003, information security professionals started a security mailing list that allowed security professionals across the globe to participate in friendly, open discussions about information security. The list allows security professionals to share their information security experience and knowledge to create a framework wherein the information from everybody will be used to develop generally acknowledged security practices. Over the past year, the list has grown to over 700+ professionals, resulting in the Open Information System Security Group.
This group comprises security professionals across the globe, working in diversified business areas like IS consulting, Health Care Industry, Financial Institutions, and Banking Industry.
Our Industry Expectation
Infrastructure Support
To organize conferences
To set up research labs
Flexible work policies
Permit employees to participate in such non-commercial ventures
Encourage security research activities
Why OISSG?
Local Chapters
The idea behind local chapters and meetings is to foster the exchange of knowledge and information. These local chapters are a great place to network and improve skills. They are also a great resource when tackling complex problems. Our projects are based on the real-world practical needs of security professionals.
Learning
Our chapter meetings, global and regional events, conferences, and workshops are vital resources for sharing and building knowledge. We organize contests for testing security and ethical hacking skills; it encourages and judges your skills.
We organize a free one-day and one-week (theory and hands-on) conference/workshop for our members.
Jobs
Our jobs manager contacts companies and will help you search for a job. Local chapter meetings are an excellent way to learn about local market opportunities.
Leadership
We provide our members a platform to be a speaker in our conferences/workshops. Being part of the local chapter means you can represent OISSG in other industry events. Contact your local chapter to participate in our conferences/workshops/seminars.
Respect
As a part of the OISSG chapter, you will get recognition in the information security world. You can share your ideas/views about information security. You can publish your articles on our site and have your views heard. At our site and get visibility of your views.
Projects
Practical problems are identified in our projects to meet real-world business requirements.
How to Become an OISSG Member?
Membership is open to any enthusiast/professional who shares our vision. To become a member, subscribe to the OISSG website, follow group ethics, and contribute to strengthening the information security world.
INFORMATION SYSTEMS SECURITY ASSESSMENT FRAMEWORK (ISSAF)
Download the available ISSAF releases:
ISAF version 0.2.1 ( Full release )
ISAF version 0.2.1 A (Non-Technical chapters)
ISAF version 0.2.1 B ( Technical chapters )
The Information Systems Security Assessment Framework (ISSAF) seeks to integrate the following management tools and internal control checklists:
- Evaluate the organization's information security policies & processes to report on compliance with IT industry standards and applicable laws and regulatory requirements.
- Identify and assess the business dependencies on infrastructure services provided by IT.
- Conduct vulnerability assessments & penetration tests to highlight system vulnerabilities that could result in potential risks to information assets.
- Specify evaluation models by security domains to :
- Find misconfigurations and rectify them
- Identifying risks related to technologies and addressing them
- Identifying risks within people or business processes and addressing them
- Strengthening existing processes and technologies
- Provide best practices and procedures to support business continuity initiatives.
- Business Benefits of ISSAF
The ISAF is intended to comprehensively report on the implementation of existing controls to support IEC/ISO 27001:2005(BS7799), Sarbanes Oxley SOX404, CoBIT, SAS70, and COSO, thus adding value to the operational aspects of IT-related business transformation programs.
Its primary value will derive from the fact that it provides a tested resource for security practitioners, thus freeing them up from commensurate investment in commercial resources or extensive internal research to address their information security needs.
It is designed from the ground up to evolve into a comprehensive body of knowledge for organizations seeking independence and neutrality in their security assessment efforts.
It is the first framework to validate bottom-up security strategies, penetration testing, and top-down approaches, such as standardizing an audit checklist for information policies.
History and Overview of ISSAF
ISSAF constantly evolves a framework that can model the internal control requirements for information security. Defining the tests and the domains to be tested seeks to unify management policies with technical operations to ensure complete alignment between all levels.
ISAF covers major information technology platforms and most high-level IT-related operational processes and is intended to apply to major industry verticals such as banking, manufacturing, and services. This ubiquity of ISSAF is intended to ease its adoption as the preferred security assessment framework by IT departments worldwide. In the process of this adoption, OISSG seeks to position it as the basis for accrediting an organization's information security systems at the level of technical specifications that have been tried and tested by leading security practitioners worldwide.
ISAF version 0.2 is being released to the industry based on extensive testing by several information security specialists working worldwide on different platforms for security assessments at organizations in different vertical markets. Organizations and assurance professionals are releasing it, subject to appropriate open licensing terms.
Overview
At OISSG, we actively promote research activities that add value to the information security community. Corporations and members provide funding for these activities.
If you are interested in joining our research projects, please get in touch with us at the email address provided for each project.