Educause Security Discussion mailing list archives
Re: Guidelines for Deans
From: Brian Reilly <reillyb () GEORGETOWN EDU>
Date: Wed, 3 Dec 2003 13:57:57 -0500
Georgetown covers this in the "Data Stewards" section of our Information Security Policy (http://www.georgetown.edu/policy/technology/security.htm#stewards). Stewards are those members of the University community who have the primary responsibility for particular information, such as the Registrars for student data, Deans for their particular school's data, etc. We've also developed a 2-page executive summary of our security policy, which has been a big help during our security awareness training. --Brian ______________________________________________ Brian Reilly, CISSP University Network Security Officer Georgetown University, UIS <reillyb () georgetown edu> +1 202.687.2775 On Wed, 3 Dec 2003, Herbert Baines III wrote:
Good afternoon, We are in the process of drafting a "short" information security guideline document for our Deans and I want to solicit information from this community on the subject. The guidelines are to be at a high level, yet meaningful - what should the Deans do to ensure a secure environment, - what guidance should they give to the school Chairs, - how can they achieve security goals.......what are the appropriate management controls (in an open architecture with a lot of school-level autonomy...? We have existing policies and procedures that were approved in our top-level policy (below) and of course we review information from Educause, NIST and other security organizations (see below), but condensing all that information into a single (short) todo document for the Deans is a challenge. Any pointers or assistance you can offer would be greatly appreciated. http://www.security.gatech.edu/policy/general_measures.html http://www.security.gatech.edu/policy/usage/policy.html#6.5 http://www.security.gatech.edu/architecture/system_administration/ <http://www.nist.gov/cgi-bin/exit_nist.cgi?url=http://www.cisecurity.org/>http://www.cisecurity.org/ http://csrc.nist.gov/ http://www.educause.edu/security/ Best regards, -Herb Herbert Baines, CISSP, CISA Director, Information Security Office of Information Technology Georgia Tech Atlanta, GA 30332 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Guidelines for Deans Herbert Baines III (Dec 03)
- <Possible follow-ups>
- Re: Guidelines for Deans Lance Jordan (Dec 03)
- Re: Guidelines for Deans Hart, Lee Anne (Dec 03)
- Re: Guidelines for Deans Brian Reilly (Dec 03)
- Re: Guidelines for Deans InfoSec (Dec 04)