Re: Information Security Standard Operating Procedures

[Steve Schuster <sjs74 () CORNELL EDU>]

We have created our own.  Our processes have grown over time as the
threats change, as our environment changes and as the laws have
changed.  I'm not sure how I would implement a whole set of purchased
templates but our set seems to work well and we're able to fairly
easily keep them contemporary and add as the need arises.

sjs

Steve Schuster
Director, IT Security Office
Cornell University
sjs74 () cornell edu




On Nov 14, 2006, at 4:43 PM, Mclaughlin, Kevin L (mclaugkl) wrote:

> Hi Everyone:
>
>
>
> Have any of you gone through the process of creating Standard
> Operating Procedures (SOPs) for your Information Security System?
> If so did you use pre-purchased templates or create your own?  Do
> you have any suggestions or guidance on how we would best start
> this process at the University of Cincinnati?
>
>
>
> -Kevin
>
>
>
>
>
> Kevin L. McLaughlin
> CISM, CISSP, PMP, ITIL Master Certified
> Director, Information Security
> University of Cincinnati
> 513-556-9177 (w)
> 513-703-3211 (m)
> mclaugkl () ucmail uc edu
>
>
> <image001.jpg>
>
>
>
>
> CONFIDENTIALITY NOTICE: This e-mail message and its content is
> confidential, intended solely for the addressee, and may be legally
> privileged. Access to this message and its content by any
> individual or entity other than those identified in this message is
> unauthorized. If you are not the intended recipient, any
> disclosure, copying or distribution of this e-mail may be unlawful.
> Any action taken or omitted due to the content of this message is
> prohibited and may be unlawful.