How has the first year with ISO/TC 292 been?
ISO/TC 292’s first year has been very busy and filled with activities to ensure the member's active participation in the establishment and forming of the committee. I believe this will put us in a very favorable position for the coming years.
The goal for the first year was three. One ensuring a smooth transition from the disbanded committees. Second ensuring an evolving process for ISO/TC 292 that fulfills the ISO directives by reviewing the title, scope and thirdly, ensuring a strategic process initiating the work of the strategic business plan. This has created a foundation and a structure for the work program securing no disruption of work. You have to remember that this is a process that ISO never have done before. A close cooperation with ISO Central Secretariat has been vital to make sure that everything has been done in the correct way. Creating everything for a new committee takes time but we also had to secure systems and ongoing projects were moved to ISO/TC 292 without any interruptions.
The starting point was the inaugural plenary meeting in Morioka (Japan) and the year was concluded by a second plenary meeting held on Bali (Indonesia). In Morioka, the discussion was focused on our title and scope and we also came up with a proposal for a suitable organization for the work which we can grow from. On Bali we had left the initial phase and moved on to an operational mode. 140 experts from 20 member countries participated in the plenary sessions and in the six working group that had been established. The meetings had great atmosphere, impressive cooperation and sustainable results. After a very intensive year, it was clear that the delegates and experts wanted to get back to business and focus on developing standards.
Personally, I am impressed by the cooperative atmosphere and the engagement the delegations have shown. It’s a great team and this is just the beginning on something greater.
What have been the major challenges for the committee and how have you as Chair met them?
One of the most fundamental rules in standardization is the consensus principle – ‘a process that involves seeking to take into account all views of parties concerned’. However, time is also limited and without moving forward we would not produce any standards. As Chair I try to create the best possible prerequisites for the standards development and it’s a challenge to find a perfect balance and know when to slow down to get people on board as well as to speed up if the group is ready to go to the next phase even though the discussions have been hard. Initially, I made sure that all members were given many opportunities to discuss scope, title, clustering of the given work program, and the structure of the committee. We have had good discussions although we have different cultures, languages, national priorities and opinions.
The creation of ISO/TC 292 included to secure coordination, alignment, streamlining, visibility, prevention of duplication and overlapping of standards and optimize stakeholders involvement. In other words, we in the committee need to form a culture, working methods and procedures that support ISO’s vision for merging the previous committees. Therefore, our work has and will continue to be performed in an open and transparent process where everyone can participate on equal grounds. Even though we had very hard discussion at our inaugural meeting, the result was 44 unanimous resolutions. That is impressive and shows that involvement, open discussions are a good way to find common grounds to move forward!
One issue required much time and consideration and that was the structure of ISO/TC 292. Therefore we organized a two day meeting at ISO/CS in Geneva in August to follow up on the discussions at the inaugural meeting as well as member votes and comments. The result of the meeting was an internal standing document on structure, process and culture as the structure isn’t the only critical issue for a well-functioning committee.
I believe that the active bottom up approach securing the members participation has shown to be fruitful and contributed to an important open atmosphere within the committee. Different meeting platforms and forums have therefore been established. In particular, the Head of Delegation meetings have also shown to be very efficient and important in order to ensure all members right and opportunity to express and share their input and contributions.
Two challenges lays ahead of us. First is the recruitment of expertise to all groups and addressing new areas. Second is cooperation and boundaries to other committees developing standards close to our scope.
What has ISO/TC 292 accomplished during 2015?
As the Chair, I am very proud over what ISO/TC 292 has accomplished over its first year. I believe the committee is on the right track finding its way of working and structuring the standardization for a more secure and resilient world.
As all new committees we have worked very hard initially to establish a functional organization for the work, assigning leaderships, establishing working groups and so on. However we have also kept the momentum and not interrupted any ongoing work from the previous committees. In practice, we were able to publish six ISO deliverables in our first year (ISO18788, ISO 22322, ISO 22324, ISO/TS 22317, ISO/TS 22318 and ISO/TR 22351). So far we have managed to get over 50 countries to become members of the committee but we want more experts to join our important work. Therefore a special focus has been put on communication effort leading to the launch of a committee website (www.isotc292online.org) with the purpose to increase information about the committee and its activities.
How do you see the future on standardization in security and resilience and what will ISO/TC 292 do next?
The world is naturally evolving and meeting new challenges, risks and threats. 2/3 of our population will live in cities by 2050 as well as flow across border of people, goods, money and data etc is increasing. Relating risks, threats and crimes is growing. This means that organizations evolve with these challenges and opportunities in this IT based society. All organizations have a greater need to address security and improve their resilient capability. This means that there is a great need for standards. We need to get together, learn from each other and the good examples out there and develop standards to help all organizations getting more secure and resilience organizations. In other words develop global relevant standards that raise the security and resilience in our society which requires engagement and dialogues across countries, sectors and lines of businesses.
Over all, the members have shown an impressive engagement and commitment in the development of ISO/TC 292. This has resulted in the constructive and fast establishment of the committee. ISO/TC 292 now has a tentative meeting plan for the three coming years. This provides all groups and members of the committee with the opportunity to plan their work and activities. In addition, a process is in place to stimulate growth and standardization by developing a TC roadmap complementing the Strategic business plan. One key developing process is the cooperation with the UN and how ISO/TC 292 can be a platform to develop standards that supports the implementation of the UN frameworks. A specific Task Force is in place for this. The Developing Countries Contact Group is also developing in close cooperation. We for sure have a very interesting development ahead of us.