Guidelines for Deans

[Herbert Baines III <herbert.baines () OIT GATECH EDU>]

Good afternoon,

We are in the process of drafting a "short" information security guideline
document for our Deans and I want to solicit information from this
community on the subject.  The guidelines are to be at a high level, yet
meaningful - what should the Deans do to ensure a secure environment, -
what guidance should they give to the school Chairs, - how can they achieve
security goals.......what are the appropriate management controls (in an
open architecture with a lot of school-level autonomy...?  We have existing
policies and procedures that were approved in our top-level policy (below)
and of course we review information from Educause, NIST and other security
organizations (see below), but condensing all that information into a
single (short) todo document for the Deans is a challenge.  Any pointers or
assistance you can offer would be greatly appreciated.


http://www.security.gatech.edu/policy/general_measures.html
http://www.security.gatech.edu/policy/usage/policy.html#6.5
http://www.security.gatech.edu/architecture/system_administration/
<http://www.nist.gov/cgi-bin/exit_nist.cgi?url=http://www.cisecurity.org/>http://www.cisecurity.org/

http://csrc.nist.gov/
http://www.educause.edu/security/

Best regards,

-Herb
Herbert Baines, CISSP, CISA
Director, Information Security
Office of Information Technology
Georgia Tech
Atlanta, GA 30332

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.