Re: Security Requirements of Federal Funding Agencies

[Jim Dillon <Jim.Dillon () CUSYS EDU>]

Rodney,
 
I have little to no insight into it, but we have several centers that
supply NASA with data from satellites, generally atmospheric data and
such.  Some are regular basis, contracted data.  During annual risk
assessment processes the local IT staffs have indicated they must abide
by NASA data protection standards as part of the grant.  Is this the
type of example you are seeking?  I have no specifics, but it seems to
meet the criteria you are interested in.
 
Best regards,
 
Jim
 
*****************************************
Jim Dillon, CISA, CISSP
IT Audit Manager, CU Internal Audit
jim.dillon () cusys edu
303-492-9734
*****************************************
 
 
 

________________________________

From: Rodney Petersen [mailto:rpetersen () EDUCAUSE EDU] 
Sent: Tuesday, August 29, 2006 9:20 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Security Requirements of Federal Funding Agencies



I am curious if anyone has been confronted with security requirements as
a condition of Federal contracts or grants.  It has been a couple of
years since we last discussed the topic on this list and I am eager to
learn of any new developments.  

Please share with the entire list the sources for any such requirements
and your experiences if you have developed an effective process for
responding.  I would also be interested to learn, privately if
necessary, any unique challenges or obstacles that you have faced at
your particular institution.

Thanks in advance. 

Regards, 

-Rodney 
--------------------------------------------------
Rodney J. Petersen
Policy Analyst & Security Task Force Coordinator

EDUCAUSE
1150 18th Street, N.W., Suite 1010
Washington, D.C.  20036
(202) 331-5368 / (202) 872-4200
(202) 872-4318 (FAX) 
EDUCAUSE/Internet2 Security Task Force
www.educause.edu/security <http://www.educause.edu/security> 
--------------------------------------------------