Re: Incident Response Plans - Quick informal survey

[James H Moore <jhmfa () RIT EDU>]

Our are on http://security.rit.edu/standards/ .  They and the supporting
documentation is Creative Commons Share-Alike licensed, so you can use
anything that you want without permission.

One there thing that we did that is not under Creative Commons licensing
is that we licensed the SANS Incident Handling Step-By-Step guide for
all of our systems administrators.

Jim

- - - -
Jim Moore, CISSP, IAM
Information Security Officer
Rochester Institute of Technology
13 Lomb Memorial Drive
Rochester, NY 14623-5603
(585) 475-5406 (office)
(585) 475-4122 (lab)
(585) 475-7950 (fax)



"We will have a chance when we are as efficient at communicating
information security best practices, as hackers and criminals are at
sharing attack information"  - Peter Presidio





-----Original Message-----
From: Adam Goldstein [mailto:adam.goldstein () VILLANOVA EDU] 
Sent: Wednesday, January 18, 2006 3:13 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Incident Response Plans - Quick informal survey

Hello all,
I am working on a paper and am trying to get a sense of how many schools

have adopted incident response plans.  If anyone knows of any previous 
studies, I'd be interested in the findings.

I am also curious how others are doing with IRP's.  Have they been 
adopted? Have they been implemented? Are they effective?

Basically, any responses on experiences and challenges with IRP's, 
whether to the list or offline, would be greatly appreciated.

Thanks,
Adam

--
Adam Goldstein CCNP CISSP
IT Security Officer
Villanova University
adam.goldstein () villanova edu
--