Educause Security Discussion mailing list archives
Re: Security of Research Data
From: Jim Dillon <Jim.Dillon () CUSYS EDU>
Date: Fri, 1 Sep 2006 09:50:10 -0600
We are creating standards for Fiscal Responsibility much like one would find in a SOX implementation and are requiring financial principals to sign off throughout the university on their areas. Similarly we are creating new IT policies that make it clear that those implementing IT systems will be held accountable for the protection and effectiveness of those systems. How this works out is yet to be seen, but rather than hide this responsibility by simply assigning campus chancellors, we are now carrying the message to the scores of principals that they can no longer pretend the responsibility lies elsewhere. Some services are being deployed as well, but I expect there will continue to be a gap between expectation and performance for some time, but by forcing periodic assessments and signature affirmations we ought to at least be creating a human cry around the gap areas that may lead to some new funding priorities. That's my interpretation of the process, not the way the U would characterize it - Openness and Sox like Transparency would be the more official motto. If it is to work it will have to result in the consequences I alluded to I think, but these are my opinions, not that of the U. There are a lot of uncomfortable financial principals I hear. It will be interesting to see how this works its way out and if there is the institutional will to pursue openness and truthfulness in those assertions of compliance and responsibility. This of course includes grants and contract areas, aka research principals/PIs and the like. JD ***************************************** Jim Dillon, CISA, CISSP IT Audit Manager, CU Internal Audit jim.dillon () cusys edu 303-492-9734 ***************************************** ________________________________ From: Crawford, Tim M. [mailto:tcrawford () GSB STANFORD EDU] Sent: Thursday, August 31, 2006 4:53 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Security of Research Data I'm curious to know what strategies others use to address research data. Is this something that you're addressing today? If so, how do you identify and protect accordingly? Regards, Tim ______________________________________ Tim M. Crawford Associate Director, IT Operations Stanford Graduate School of Business 650.724.2447 tcrawford () gsb stanford edu <blocked::mailto:tcrawford () gsb stanford edu>
Current thread:
- Security of Research Data Crawford, Tim M. (Aug 31)
- <Possible follow-ups>
- Re: Security of Research Data Jim Dillon (Sep 01)
- Re: Security of Research Data Steve Brukbacher (Sep 01)
- Re: Security of Research Data Howell, Paul (Sep 05)
- Re: Security of Research Data Brad Judy (Sep 05)
- Re: Security of Research Data William Custer (Sep 05)
- Re: Security of Research Data Jim Dillon (Sep 05)
- Re: Security of Research Data Delaney, Cherry L. (Sep 06)
- Re: Security of Research Data Sadler, Connie (Sep 11)
- Re: Security of Research Data Howell, Paul (Sep 12)
- Re: Security of Research Data Tracy Mitrano (Sep 12)
- Re: Security of Research Data Crawford, Tim M. (Sep 12)
(Thread continues...)