Educause Security Discussion mailing list archives
Re: ISO 27000
From: Heidi Wachs <hlw9 () GEORGETOWN EDU>
Date: Fri, 15 Jan 2010 12:01:34 -0500
We are in the process of reviewing and updating many of our policies, including our Security Policy. We are using ISO 27002 as a guide in this work and incorporating many of the elements, although not as a strict framework. When, eventually, these new policies make it all the way through the drafting, vetting, and approval process, I'd be happy to share them. :) Heidi Leilani Lauger wrote:
We are trying to gather information about how our peers are using the ISO 27000 standards. Is anyone using standards to formally evaluate a security program or as a framework for building a new program? Are they being used as a complete body of work or to inform individual aspects of a security program? We appreciate any feedback. Thank you, Leilani Lauger Information Security Officer Loyola University Chicago 773.508.6086 llauger () luc edu
-- Heidi L. Wachs, Esq. Director of IT Policy and Privacy Officer Office of Information Services Georgetown University Washington, DC 202-687-8571 hlw9 () georgetown edu
Current thread:
- ISO 27000 Leilani Lauger (Jan 14)
- <Possible follow-ups>
- Re: ISO 27000 Lorenz, Eva (Jan 14)
- Re: ISO 27000 Scott Sweren (Jan 15)
- Re: ISO 27000 Davis, Thomas R (Jan 15)
- Re: ISO 27000 Payne, Shirley (scp8b) (Jan 15)
- Re: ISO 27000 Drews, Jane E (Jan 15)
- Re: ISO 27000 Chris Bennett (Jan 15)
- Re: ISO 27000 Heidi Wachs (Jan 15)
- Re: ISO 27000 Alex Brown (Jan 15)
- Re: ISO 27000 Hugh Burley (Jan 18)
- Re: ISO 27000 Lorenz, Eva (Jan 19)