Educause Security Discussion mailing list archives
Re: PCI Responsability
From: "Nevin, Dave" <Dave.Nevin () OREGONSTATE EDU>
Date: Fri, 6 Apr 2018 16:09:52 +0000
Same here at Oregon State University—it is a partnership between our Business Affairs team and the InfoSec Office. Dave Dave Nevin | Chief Information Security Officer | Information Services—Office of Information Security | Oregon State University From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Sunil Singh <spsfirst () HOTMAIL COM> Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Date: Friday, April 6, 2018 at 9:04 AM To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] PCI Responsability Iowa State University has similar arrangement- Treasures office and IT Security. Sunil Singh Director IT Security ISU On Apr 6, 2018, at 10:53 AM, Pardonek, Jim <jpardonek () LUC EDU<mailto:jpardonek () LUC EDU>> wrote: Ron, We have a bifurcated approach to PCI compliance. It is a partnership between IT and the finance office. Assessment of technology is the responsibility of IT and procedural assessments are done by finance. PM me if you need any clarification. Jim James Pardonek, MS, CISSP, CEH, GSNA Information Security Officer Loyola University Chicago 1032 W. Sheridan Road | Chicago, IL 60660 •: (773) 508-6086 Loyola University Chicago will never ask your for your username or password. For the lastest information security news at Loyola, please follow us online, Twitter: @LUCUISO Facebook: https://www.facebook.com/lucuiso/ Our Blog http://blogs.luc.edu/uiso/ From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Ronald King Sent: Friday, April 6, 2018 10:18 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] PCI Responsability Good morning colleagues, I wanted to reach out to you to ask what division or department in your institution is ultimately accountable for PCI compliance. Is it your IT, Finance or another department/division? Why? Do you have a dedicated employee, contractor or team overseeing compliance to PCI? As always, feel free to reach me directly. Thank you and have a great weekend! Ron Ronald A. King, CISSP Chief Information Security Officer Morgan State University Office: (443) 885-3372 1700 E. Cold Spring Ln. Email: ronald.king () morgan edu<mailto:ronald.king () morgan edu> Baltimore, MD 21251 URL: http://www.morgan.edu Growing the future ... Leading the world<http://www.morgan.edu/Documents/ABOUT/StrategicPlan/StrategicPlan2011-21_Final.pdf>
Current thread:
- PCI Responsability Ronald King (Apr 06)
- Re: PCI Responsability Charles Curtis (Apr 06)
- Re: PCI Responsability Ronald King (Apr 06)
- Re: PCI Responsability Pardonek, Jim (Apr 06)
- Re: PCI Responsability Sunil Singh (Apr 06)
- Re: PCI Responsability Nevin, Dave (Apr 06)
- Re: PCI Responsability Jason Edelstein (Apr 06)
- Re: PCI Responsability Ben Marsden (Apr 06)
- Re: PCI Responsability Josh Callahan (Apr 06)
- Re: PCI Responsability Sunil Singh (Apr 06)
- Re: PCI Responsability Charles Curtis (Apr 06)
- Re: PCI Responsability Lazarus, Carolann (Apr 06)
- Security Onion - IDS build Sunil Singh (Apr 07)
- Re: PCI Responsability Dennis Bolton (Apr 09)