Educause Security Discussion mailing list archives
Re: ISO 27000
From: "Drews, Jane E" <jane-drews () UIOWA EDU>
Date: Fri, 15 Jan 2010 09:50:50 -0600
Leilani, Last year we revised and reorganized the description of our Information Security Program around the ISO 27002 standards and framework. You can view what we've published at http://cio.uiowa.edu/itsecurity/resources/Infosec-Plan.shtml It uses the top level organization, but it's a work in progress. The EDUCAUSE Information Security Guide is also being updated and reorganized around the ISO standard. Jane Drews, CISSP Information Technology Security Officer CIO Office, The University of Iowa 2800 University Capitol Centre jane-drews () uiowa edu<mailto:jane-drews () uiowa edu> / 319-335-5537 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Leilani Lauger Sent: Thursday, January 14, 2010 2:42 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] ISO 27000 We are trying to gather information about how our peers are using the ISO 27000 standards. Is anyone using standards to formally evaluate a security program or as a framework for building a new program? Are they being used as a complete body of work or to inform individual aspects of a security program? We appreciate any feedback. Thank you, Leilani Lauger Information Security Officer Loyola University Chicago 773.508.6086 llauger () luc edu
Current thread:
- ISO 27000 Leilani Lauger (Jan 14)
- <Possible follow-ups>
- Re: ISO 27000 Lorenz, Eva (Jan 14)
- Re: ISO 27000 Scott Sweren (Jan 15)
- Re: ISO 27000 Davis, Thomas R (Jan 15)
- Re: ISO 27000 Payne, Shirley (scp8b) (Jan 15)
- Re: ISO 27000 Drews, Jane E (Jan 15)
- Re: ISO 27000 Chris Bennett (Jan 15)
- Re: ISO 27000 Heidi Wachs (Jan 15)
- Re: ISO 27000 Alex Brown (Jan 15)
- Re: ISO 27000 Hugh Burley (Jan 18)
- Re: ISO 27000 Lorenz, Eva (Jan 19)