Re: KPIs in IT Security Policy

[Jason Brooks <brooksje () LONGWOOD EDU>]

I've been getting that lately with Firefox 1.1.  You can right click and
save as just fine.  It must be something with browser-Adobe interaction.

Jason Brooks

-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Tom Bossie
Sent: Friday, March 18, 2005 8:35 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] KPIs in IT Security Policy

I tried to download the KPI file reference below and got "file damaged
and cannot be repaired" adobe message. Anyone else experience this?
Thx.
Tom

-----Original Message-----
From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Les Mitchell
Sent: Friday, March 18, 2005 12:07 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] KPIs in IT Security Policy

Hi Jarrod,

Not exactly what you are looking for, but have you seen the Corporate
Information Security Working Group: Report of the Best Practices and
Metrics Team (http://www.educause.edu/ir/library/pdf/CSD3661.pdf)

Might be useful for identifying possible KPI.

Regards
Les Mitchell
University of Southern Queensland

> -----Original Message-----
> From: The EDUCAUSE Security Discussion Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jarrod Loidl
> Sent: Friday, 18 March 2005 2:32 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: [SECURITY] KPIs in IT Security Policy
>
>
> Hi all,
>
> I am doing a review of our IT Security policy framework. As a
> part of a previous review conducted by an external group, we
> were advised that our Security Policies were rather broad in
> the sense we did not have a measurable set of Key Performance
> Indicators (KPIs) to accurately assess the response and
> performance of the IT Security group.
>
> However in doing in a review of some of our competitors
> within Australia I noted that, to the best of my knowledge,
> neither had any of them!
>
> I am curious to know if any of the other universities and
> higher institutions subscribed to this list have developed
> any such KPIs as a part of their IT Security framework, and
> if so could you provide some links and/or insight into how
> they developed said framework and KPIs. If not, perhaps some
> insight as to why none were stated.
>
> Thanks in advance,
> --
> Jarrod Loidl
> IT Security of Infrastructure Services,
> Information Technology Services, Monash University - Clayton
> Phone: +61 3 99052055    Fax:   +61 3 99054746
>
> **********
> Participation and subscription information for this EDUCAUSE
> Discussion Group discussion list can be found at
> http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.