Future car

Mikhail Gorbachev, the former Soviet statesman and winner of the Nobel Prize for Peace, was among the distinguished guests speaking at a high-level forum of automotive industry leaders organized by the International Organization for Standardization (ISO) on 2 December in 2011 in Geneva, Switzerland, at the invitation of the ISO President for 2011-2012, Dr. Boris Aleshin.

With more than a billion estimated road vehicles in use worldwide, if the automotive sector uses state-of-the-art standards for aspects such as safety, performance, impact on the environment, and requirements for supply chain partners, this can have an enormous impact on all three dimensions of sustainable development – social, environmental and economic.

The ISO President’s Forum provided a unique opportunity for the automotive industry to engage with ISO and

other standards developing organizations, and discuss the needs and priorities for International Standards in the sector in the coming years.



Some 35 automobile industry leaders from companies such as Audi, Daimler, Renault, Volkswagen, and Volvo provided direct input on what standards are needed to meet the challenges of the industry and those of its customers and stakeholders. At least eight standards developing organizations were represented at the Forum.

As the event’s sponsor and host, ISO President Dr. Boris Aleshin highlighted the objectives of the Forum: “Past and current successes should not allow us to fall into the trap of complacency. We can always do better and this is why ISO has invited you here for this rather unique event.”

In his opening remarks, Mr. Gorbachev said that “Leaders in the automotive industry are now demonstrating greater understanding than simply developing the sector in a linear manner, i.e. increasing productivity and developing new markets, that may lead to a dead end.”

Read more text http://www.iso.org

Records facilitate transparency standard

In the wake of recent failures in corporate governance, two new ISO standards will help organizations to disclose corporate information quickly and effectively. Increased pressure by industry regulators obliges companies to provide such information because irregularities in financial management, ethical dealings, disclosure, and transparency of decisions have become common.

ISO 30300:2011, Information and documentation – Management systems for records – Fundamentals and vocabulary, and ISO 30301:2011, Information and documentation – Management systems for records – Requirements, distil the expertise of experts drawn from 27 countries on five continents.

These standards have been developed to be compatible with and complementary to other management system standards (MSSs) developed by ISO, such as ISO 9001 (quality management), ISO 14001 (environmental management), and ISO/IEC 27001 (information security management).

ISO 30300 is the umbrella standard which includes the fundamentals and vocabulary common to the whole series, while ISO 30301 specifies requirements for an MSR (management system for records). Further standards in the ISO 30300 series are under development.

Judith Ellis and Carlota Bustelo, leaders of the working groups that developed the standards, underline that, “The ISO 30300 series offers the methodology for a systematic approach to the creation and management of records, aligned with organizational objectives and strategies. Managing records using an MSS supports cost-effective operational processes, such as storage, information retrieval, information re-use, litigation and due diligence.”

Read more text http://www.iso.org

Information security controls

An ISO/IEC technical report (TR) providing technical controls and compliance guidelines for auditors can improve the effectiveness of an organization’s information security system.

ISO/IEC TR 27008:2011, Information technology – Security techniques – Guidelines for auditors on information security controls, aims to instill confidence in the controls underpinning an organization’s information security management system. The review applies to all parts of the organization, including business processes and its information systems environment.

“The business environment is constantly changing – along with threats to a company’s survival. Organizations

need to be ahead of the game, and an excellent defence can be built around audit of the controls used to support the information security,” says Edward Humphreys, leader of the working group that developed the new document.



“ISO/IEC TR 27008:2011 supports a rigorous organizational security audit and review programme for information security controls, to enable the organization to have confidence that their controls have been appropriately implemented and operated and that their information security is ‘fit for purpose’.”

ISO/IEC 27008 provides guidance on reviewing the implementation and operation of controls, including technical compliance checking. The document is principally aimed at information security auditors who need to check the technical compliance of an organization’s information security controls against ISO/IEC 27002 and any other control standards used by the organization. ISO/IEC TR 27008 will help them to:

- Identify and understand the extent of potential problems and shortfalls of information security controls
- Identify and understand the potential organizational impacts of inadequately mitigated information security threats and vulnerabilities
– Prioritize information security risk mitigation activities
– Confirm that previously identified or emergent weaknesses or deficiencies have been adequately addressed
– Support budgetary decisions within the investment process and other management decisions relating to improvement of organization’s information security management.

Read more text http://www.iso.org

Benefits for a world of seven billion people

As the world population achieves a new landmark of seven billion people, ISO standards offer practical tools for sustainability and a better, safer world.

According to the United Nations Population Fund (UNFPA), the population of our planet has now reached seven billion people (1). It said “This unique moment in human history represents both an achievement and a challenge, and will have an impact on every single person on the planet. A world of seven billion has implications for sustainability, urbanization, access to health services and youth empowerment – however, it also offers a rare call-to-action opportunity to renew global commitment for a healthy and sustainable world.”

ISO Secretary-General Rob Steele comments: “Standards play a pivotal role in facilitating the interaction of so many people. Every day, thousands of ISO standards help people at work, in the home and at play, by promoting quality and efficiency, making lives safer and more comfortable, fostering economic prosperity and looking after

our planet. And that is because ISO standards are made by people to help solve problems for people.”

Examples include standards for food safety, medical devices, social responsibility, building and construction, transportation and fighting climate change. Whether we are pressing on the brake of a car, playing ice hockey protected by a helmet, or using a computer, ISO standards make an important contribution to our safety and efficiency.

As the world population reaches seven billion, International Standards can help address the ever growing challenge of sustainability. For example, standards for food and water quality and for energy management can contribute to an effective use of resources. And standards for new technologies help promote and deploy innovations crucial to facilitating the lives of a rising population. In fact, most ISO standards contribute in one way or another to addressing the economic, societal and environmental aspects of sustainability.

Read more text http://www.iso.org

Road vehicles – Pedestrian protection ISO 11096:2011

The number of pedestrian leg injuries caused by dangerous car design should be reduced thanks to an ISO International Standard defining a new crash test method.

According to the World Health Organization, road traffic accidents kill more than one million people a year, injuring another thirty-eight million (five million of them seriously). The death toll on the world’s roadways makes driving the number one cause of death and injury for people aged 15 to 44.

ISO 11096:2011, Road vehicles – Pedestrian protection – Impact test method for pedestrian thigh, leg and knee, sets out a test method to assess the protection of an adult pedestrian by simulating the leg-impact conditions sustained during the car-to-pedestrian crash.

The goal is two-fold – to:

- Provide information on pedestrian safety to consumers
– Induce manufacturers to develop vehicles with excellent pedestrian protection.

Sukhbir Bilkhu, Chair of the ISO subcommittee that developed the standard, commented: “The pedestrian impact test simulates accidents in which a pedestrian is hit by an oncoming vehicle. These accidents represent about 15 % of fatal crashes. Thanks to ISO 11096, we will make substantial progress in improving vehicle structure, and in so doing, reducing pedestrian lower-limb injuries.”

Read more text http://www.iso.org

Security techniques

From hackers trying to break into networks, to insiders using their knowledge and internal access rights to use company data for their personal gain, the impact from a wide variety of information security threats can be reduced using an information security incident management approach contained in the new International Standard ISO/IEC 27035:2011.

Information security breaches can compromise your business systems, and cause disruption to business operations. Being prepared and responding in a timely and effective way can mean the difference between minor incident and a business disaster. Using an information

security incident management system enables organizations to have the controls and procedures in place to manage a wide variety of security incidents and vulnerabilities.

ISO/IEC 27035:2011, Information technology – Security techniques – Information security incident management, gives “how to” guidance on detecting, reporting and assessing information security incidents and vulnerabilities.

It will help organizations respond to information security incidents, including the activation of appropriate controls for the prevention and reduction of, and recovery from, impacts, and, in so doing, learn and improve their overall approach.

Integrating an information security incident management system offers several benefits:

Read more text http://www.iso.org

Help improve food safety

The use of a new ISO standard on the traceability of finfish products will help improve food safety by supplying stakeholders throughout the supply chain with accurate information about the origin and nature of these products.

Finfish constitute an important part of the modern food industry. We consume more and more products coming from the four corners of the globe and fish, in particular, may be caught thousands of kilometers from their place of consumption.

During the past decade, several food crises have seriously affected many countries. Following the outbreak, the

concept of traceability of food products has become a matter of special interest to policy makers and scientists.

ISO 12875:2011, Traceability of finfish products – Specification on the information to be recorded in captured

finfish distribution chains, specifies the information to be recorded in marine-captured finfish supply chains in order to establish traceability.

It specifies how traded fishery products are to be identified, and the information to be generated and held on those products by each of the food businesses that physically trade them through the distribution chains. The standard deals with the distribution for human consumption of marine-captured finfish and their products, from catch through to retailers or caterers.

Read more text http://www.iso.org

ISO escalators security standard

A new ISO standard will increase the safety and user comfort of the escalators used around the world on a daily basis by millions of people.

Escalators are installed in many locations such as shopping centres, cinemas, airports, railway stations and subways and they are used every day in the world by millions of people.

ISO technical report ISO/TS 25740-1:2011, Safety requirements for escalators and moving walks – Part 1: Global essential safety requirements (GESR), specifies safety requirements for escalators and moving walks, the components and functions, and provides methods for

minimizing safety risks that might arise in the course of the operation and use of, or work on, escalators and moving walks.

The objective of this technical specification is to define a common global level of safety for all people using, or

associated with, escalators and moving walks and provide a uniform process for assessing their safety. The requirements will help:

Developers of safety or safety-related standards for escalators and moving walks
Designers of escalators and moving walks, manufacturers and installers, and maintenance and service organizations
Independent third-party conformity assessment bodies
Inspection and testing bodies and similar organizations.

ISO/TS 25740-1 facilitates innovation of escalators and moving walks not designed according to existing local, national or regional safety standards, while maintaining equal levels of safety (if such innovations become state of the art, they can then be integrated into the detailed local safety standard at a later date).

Developed as a product safety standard, the technical specification will help users and non-users to be protected from the effects of falling, shearing, crushing or abrasion, or other injuries. The objectives of the safety requirements are to:

Read more text http://www.iso.org

C++ language

C++, one of the most popular programming languages used in everything from Web browsers to 3D video games, has been fully updated and published as, ISO/IEC 14882:2011, Information technology – Programming languages – C++.

ISO/IEC 14882:2011 defines the programming language and specifies requirements for implementation. Also known as C++11, this is the first major revision of the standard since 1998. Its new features extend C++’s traditional strengths of flexibility and efficiency – for example, lambda functions, move semantics, and variadic templates further enable developers to use powerful expressiveness and strong abstraction to write efficient,

high-performance code with full access to the hardware available when needed. Even more, the new C++11 has the convenience and ease of use of other modern languages – from features like auto type deduction and explicit virtual override control, to standard smart pointers that mean never writing delete again.



“During recent years the industry has paid more attention to ‘newer’ managed-code environments like Java that emphasize programmer convenience at the expense of expressive power and performance, for example by requiring always-on garbage collection, metadata for reflection, and virtual machine execution that incur a performance expense even when they’re not needed or used,” explains Herb Sutter, Convener of the ISO working group that developed the standard.

Read more text http://www.iso.org