Educause Security Discussion mailing list archives
Re: PCI Responsability
From: Jason Edelstein <jasone () UCHICAGO EDU>
Date: Fri, 6 Apr 2018 11:14:53 -0500
And here as well - IT Security and our Bursar handle it together. Jason Edelstein IT Risk and Compliance Program Manager University of Chicago, IT Services desk: 773 834 3457 security.uchicago.edu / 773 702 CERT On 4/6/2018 11:09 AM, Nevin, Dave wrote:
Same here at Oregon State University—it is a partnership between our Business Affairs team and the InfoSec Office.Dave*Dave Nevin *|* Chief Information Security Officer *|***Information Services—Office of Information Security *|* Oregon State**University **From: *The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Sunil Singh <spsfirst () HOTMAIL COM> *Reply-To: *The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>*Date: *Friday, April 6, 2018 at 9:04 AM *To: *"SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU> *Subject: *Re: [SECURITY] PCI ResponsabilityIowa State University has similar arrangement- Treasures office and IT Security.Sunil Singh Director IT Security ISUOn Apr 6, 2018, at 10:53 AM, Pardonek, Jim <jpardonek () LUC EDU<mailto:jpardonek () LUC EDU>> wrote:Ron, We have a bifurcated approach to PCI compliance. It is a partnership between IT and the finance office. Assessment of technology is the responsibility of IT and procedural assessments are done by finance. PM me if you need any clarification. Jim *James Pardonek, MS, CISSP, CEH, GSNA* *Information Security Officer** Loyola University Chicago 1032 W. Sheridan Road | Chicago, IL 60660 ** (**: (773) 508-6086* *Loyola University Chicago will never ask your for your username or password.* *For the lastest information security news at Loyola, please follow us online,* *Twitter: @LUCUISO* *Facebook: *https://www.facebook.com/lucuiso/ *Our Blog **http://blogs.luc.edu/uiso/* *From:*The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> *On Behalf Of *Ronald King *Sent:* Friday, April 6, 2018 10:18 AM *To:* SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> *Subject:* [SECURITY] PCI Responsability Good morning colleagues, I wanted to reach out to you to ask what division or department in your institution is ultimately accountable for PCI compliance. Is it your IT, Finance or another department/division? Why? Do you have a dedicated employee, contractor or team overseeing compliance to PCI? As always, feel free to reach me directly. Thank you and have a great weekend! Ron *Ronald A. King, CISSP* Chief Information Security Officer Morgan State UniversityOffice:(443) 885-3372 1700 E. Cold Spring Ln.Email:ronald.king () morgan edu<mailto:ronald.king () morgan edu> Baltimore, MD 21251URL:http://www.morgan.edu *Growing the future ... Leading the world*<http://www.morgan.edu/Documents/ABOUT/StrategicPlan/StrategicPlan2011-21_Final.pdf>
Current thread:
- PCI Responsability Ronald King (Apr 06)
- Re: PCI Responsability Charles Curtis (Apr 06)
- Re: PCI Responsability Ronald King (Apr 06)
- Re: PCI Responsability Pardonek, Jim (Apr 06)
- Re: PCI Responsability Sunil Singh (Apr 06)
- Re: PCI Responsability Nevin, Dave (Apr 06)
- Re: PCI Responsability Jason Edelstein (Apr 06)
- Re: PCI Responsability Ben Marsden (Apr 06)
- Re: PCI Responsability Josh Callahan (Apr 06)
- Re: PCI Responsability Sunil Singh (Apr 06)
- Re: PCI Responsability Charles Curtis (Apr 06)
- Re: PCI Responsability Lazarus, Carolann (Apr 06)
- Security Onion - IDS build Sunil Singh (Apr 07)
- Re: PCI Responsability Dennis Bolton (Apr 09)
- Re: PCI Responsability Ronald King (Apr 13)