Educause Security Discussion mailing list archives
Re: Compliance Training for Security Analysts
From: Dan Sarazen <dsarazen () BRANDEIS EDU>
Date: Thu, 2 Aug 2012 12:58:22 -0400
Hi A.J., Might I suggest you consider a more holistic approach and rather than sending folks to targeted HIPAA or PCI training, target key staff for possible CISSP or CISA training and certification? Between the exams, text books and test data bases, neither of my certification cost more than $1,000 and they will be exposed to all applicable regulations. Both of these are good (CISSP is better) at providing an overall understanding of compliance requirements (Including HIPAA and PCI) in an IT shop. Feel free to contact me if you have questions. Good Luck, Dan Sarazen Senior IT Auditor The Boston Consortium for Higher Education Brandeis University, Mailstop 110 Phone: 781-736-8703 Cell: 781-296-4444 Fax: 781-736-8706 *From:* The EDUCAUSE Security Constituent Group Listserv [mailto: SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Basile, Daniel L. *Sent:* Thursday, August 02, 2012 11:50 AM *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* Re: Compliance Training for Security Analysts The real question is, does any good training even exist for the HIPAA security rule? There is a ton of training for the privacy bits and for office staff. Very little to nothing for the security side as far as I have found. Dan Basile Information Security Officer Texas A&M Health Science Center *From:* The EDUCAUSE Security Constituent Group Listserv [ mailto:SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>] *On Behalf Of *Wright, A J (A. J.) *Sent:* Thursday, August 02, 2012 10:14 AM *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* [SECURITY] Compliance Training for Security Analysts Hello all, I’m considering sending some staff to training (and/or certification) on HIPAA and PCI-DSS. This should be classes targeted for security analysts who work on compliance assessments. What good or bad experiences have EDUCAUSE folks had? Any recommendations? Companies to avoid? I don’t want to send staff to training that doesn’t add value to what they already know or can pick up from reading the compliance documents. Thanks, ajw -- *A. J. Wright *Chief Information Security Officer University of Tennessee – System Administration 2309 Kingston Pike, Suite 131C Knoxville, TN 37996-1717 Phone: 865-974-0637 Email: ajw () tennessee edu
Current thread:
- Compliance Training for Security Analysts Wright, A J (A. J.) (Aug 02)
- Re: Compliance Training for Security Analysts Basile, Daniel L. (Aug 02)
- Re: Compliance Training for Security Analysts Dan Sarazen (Aug 02)
- Re: Compliance Training for Security Analysts Wayne S. Martin (Aug 02)
- Re: Compliance Training for Security Analysts Dan Sarazen (Aug 02)
- Re: Compliance Training for Security Analysts Brad Judy (Aug 02)
- Re: Compliance Training for Security Analysts Basile, Daniel L. (Aug 02)