Re: IT Vendors/Contracting Vendors question...

[Theresa M Rowe <rowe () OAKLAND EDU>]

Our vendors have to sign a mutual non-disclosure statement statement.  We also require security review and a contract 
addendum.  Material is on our web site:
http://www2.oakland.edu/uts/policies.cfm
Click on Outsourcing, Hosting and Application Service Providers.

Also posted on Educause Effective Practices site.
Theresa

---- Original message ----
> Date: Thu, 7 Dec 2006 08:16:23 -0500
> From: InfoSec <infosec () UGA EDU>
> Subject: [SECURITY] IT Vendors/Contracting Vendors question...
> To: SECURITY () LISTSERV EDUCAUSE EDU
>
>   All,
>
>   Anyone have any security processes or procedures for
>   contracting/outsourcing IT vendors or consultants?
>   Looking for in-briefing, out-briefing material or
>   any information on how  vendors should  behave while
>   in or around our data and systems and on our
>   campuses...
>
>   Thanks in advance,
>
>
>
>   Stanton Gatewood, UGA-CISO
>
>   UGA Office of Information Security
>
>   This message and any attachment is intended only for
>   the use of the addressee and may contain information
>   that is PRIVILEGED. If you are not the intended
>   recipient, you are hereby notified that any
>   dissemination of this communication is strictly
>   prohibited. If you have received this communication
>   in error, please erase all copies of the message and
>   its attachments and notify us immediately. Thank
>   You.
>
>   Security Warning: Please note that this e-mail has
>   been created in the knowledge that Internet e-mail
>   is not a 100% secure communications medium.
>
>   We advise that you understand and observe this lack
>   of security when e-mailing us.
>
>   Viruses: Although we have taken steps to ensure that
>   this e-mail and attachments are free from any virus,
>   we advise that in keeping with good computing
>   practice the recipient should ensure they are
>   actually virus free.