Educause Security Discussion mailing list archives
New Project And Change Control Security review/approval questions requested
From: David Grisham <DGrisham () SALUD UNM EDU>
Date: Thu, 3 Apr 2008 12:51:18 -0600
I'm reworking the security approval of new projects & change control requests. I'm trying to find a standard list of questions to ensure security concerns have been addressed. We are a hospital (covered by HIPAA), our financials are held to (Sox) & Our Health Science Center falls under GLB. Does anybody have a manageable list of security questions that can be used in a hospital enterprise IT environment? I imagine a ISO 17799 would cover most everything. Replies will be kept confidential unless specifically posted to the list Cheers --grish David D. Grisham, Ph.D., CISM, CHS, CHSP Manager, IT Security, UNM Hospitals, Information Technology 1650 University Blvd, S.500, Albuquerque, NM 87102
Attachment:
David_Grisham.vcf
Description:
Current thread:
- New Project And Change Control Security review/approval questions requested David Grisham (Apr 03)