Re: Security risk assessment survey for research

[Graham Toal <gtoal () UTPA EDU>]

> -----Original Message-----
> From: Victoriano Casas, ISO [mailto:vcasas () AUSTIN UTEXAS EDU]
> Sent: Tuesday, February 28, 2006 5:10 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Security risk assessment survey for research
>
> To Whom It May Concern:
>
> So far - only 4 people completed the survey.  I'd really
> appreciate a couple more; please!!

The lack of interest in submitting this probably stems from:

1) those of us who know the answers all know that everyone should
come up with basically the same answer, especially since the questions
are somewhat loaded, and there's no point wasting time entering
information that can be found in any primer or at SANS.  Generally
intelligent people only fill out surveys when they feel that
intelligent questions are being asked and that your response
will educate someone - not rote questions where the point is to
see how many people know the basics of their profession.

2) those who purport to be ISOs but have no clue as to
the answer don't want to show up their own ignorance by
filling it out wrongly.

And to cap it, there's no incentive. It's a time-consuming
form, the least you could do is bribe us with a free Starbucks
voucher or something :-)

G