Educause Security Discussion mailing list archives
Re: ISO 27000
From: Chris Bennett <bennetc () LCC EDU>
Date: Fri, 15 Jan 2010 11:15:52 -0500
Lansing Community College has adopted the ISO 27000 standards as a model for organizing the security program. I use an online application (TruArx) then to measure against that standard to prioritize my activities and to justify the control requirements. I also can report on progress made each year by domain. Chris Bennett, GSNA, GSEC Director of Information Security Lansing Community College 517-483-5264 (O) 517-483-1758 (F) From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Leilani Lauger Sent: Thursday, January 14, 2010 3:42 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] ISO 27000 We are trying to gather information about how our peers are using the ISO 27000 standards. Is anyone using standards to formally evaluate a security program or as a framework for building a new program? Are they being used as a complete body of work or to inform individual aspects of a security program? We appreciate any feedback. Thank you, Leilani Lauger Information Security Officer Loyola University Chicago 773.508.6086 llauger () luc edu
Current thread:
- ISO 27000 Leilani Lauger (Jan 14)
- <Possible follow-ups>
- Re: ISO 27000 Lorenz, Eva (Jan 14)
- Re: ISO 27000 Scott Sweren (Jan 15)
- Re: ISO 27000 Davis, Thomas R (Jan 15)
- Re: ISO 27000 Payne, Shirley (scp8b) (Jan 15)
- Re: ISO 27000 Drews, Jane E (Jan 15)
- Re: ISO 27000 Chris Bennett (Jan 15)
- Re: ISO 27000 Heidi Wachs (Jan 15)
- Re: ISO 27000 Alex Brown (Jan 15)
- Re: ISO 27000 Hugh Burley (Jan 18)
- Re: ISO 27000 Lorenz, Eva (Jan 19)