2013年5月30日星期四

ISO/IEC 27001 的啟示: 先找尋 Threat 還是 Vulnerability



從事 IT Security 的朋友,請想想以上的問題。

根據 ISO/IEC 27001 ,是先找 Vulnerability 再找 Threat。但為什麼?

讓我們分析,Threat 是外部的,而 Vulnerability 是內部的;物先腐而後蟲生:內有弱點,再加上外在威脅,才會造成破壞。

Steve ISO/IEC 27001 Foundation 課堂中與同學商討這問題,有同學提出一個很好的解釋。以一個 OS 為例,由於系統複雜,必定有大量的 bug,處理所有的 bug 幾成不可能的任務;若先找出外面的 Threat,再處理相應的 Vulnerability,則較易做到。在此多謝這同學分享的見解。

Steve 再推想,處理人生問題卻應將次序倒過來,人應先反省自己,改正自己的弱點,才能做到「苟日新,日日新,又日新」。 《六祖壇經》亦說:「若真修道人,不見世間過」。


2013年2月28日星期四

Traditional vs. Agile Project Management

It is the simplest graphics showing the difference between Traditional and Agile Project Management.



DSDM Atern is the most comprehensive Agile Project Management framework.

The two approaches are actually different perspectives on the project constraints.

Want to know more? Join our Agile Project Management Certifications Bundle Course.

http://www.greatlearning.edu.hk/PMI-ACP-scrum-agile.html

2013年1月2日星期三

New PMP Exam will be on 31 July 2013

PMBOK® v5 is finally released!



So what’s the impact for PMP® candidates?

- New exam syllabus will be effective on 31 July 2013 based on PMBOK® v5.
- New syllabus means uncertainty. For example, do you want to memorize one more knowledge area as the diagram?

Action NOW for taking PMP® exam sticking to the old and well-known syllabus. Great Learning will offer PMP® courses more frequently during this period. 

http://www.greatlearning.edu.hk/pmp.html