Public-Private Sector Common Investments Utilized
Foundation for Public-Private Collaboration
The National Forum for Public-Private Collaboration has taken the excellent work of the Department of Defense embodied in the DESMF, referenced above, and have created a mirrored document with the minor changes of replacing the references to DoD with “organization” and “warfighter” with “customer”. We call this mirrored copy the Foundation for Public-Private Collaboration (FPPC).
The FPPC describes a life cycle for enterprise service management, including Service Strategy, Service Design, Service Transition, Service Operation, and Continual Service Improvement. Through the Forum, the FPPC establishes the base lexicon for public and private collaboration on cyber resilience and other relevant business topics. Forum activities utilize this document as a foundation for public and private collaboration.
We reference other publicly available frameworks, standards, and methods in support of balanced, reasonable and prudent guidance addressing the imperative needs of an organization such as sustainability and resilience. The FTC asks for reasonable approaches, our leadership seeks effective, prudent and disciplined use of limited resources to protect and enable business value.
We recognize the need for organizations to be adaptable and agile in the face of intentional and unintentional cyber threats, competitive and legislative landscapes, change in organizational directions and other considerations. The resulting reasonable and prudent guidance maps to the FPPC and by association the DESMF.
The Foundation for Public-Private Collaboration is a great resource because it is freely available with no licensing or other restrictions, and it provides comprehensive coverage of IT service management. The practices described are applicable to both public and private sector organizations, regardless of their size or the industry they operate in.
“Cyber resilience must be tightly coupled with and support business value. Measurable reasonable, prudent and disciplined approaches are established by including internal and external collaboration as part of each organization’s strategy to support their mission. This must not stifle the innovation needed to create and protect business value.” Charlie Tupitza
The National Foundation for Public-Private Collaboration is creating easy to use guidance, based on the existing FPPC by incorporating support for cyber resilience into every lifecycle stage and process it describes. The guidance will show how every service management process should contribute to cyber resilience, and show how cyber resilience controls can contribute to each stage of the lifecycle and to each service management process. The resulting document will be published under a Create Commons License to ensure it can be reused for purposes such as:
Helping both public and private sector organizations to incorporate cyber resilience into how they manage their IT systems and services.
Fostering collaboration between information security and IT service management teams and organizations.
Helping organizations offering tools and consulting to integrate support of both cyber resilience and IT service management into their offerings.
Providing content of value available for consideration in future releases of the DESMF and other Frameworks, as well as Standards, and Methods.