Educause Security Discussion mailing list archives
Re: Shared Security/Audit Position
From: Steve Schuster <sjs74 () CORNELL EDU>
Date: Wed, 24 Oct 2007 15:30:00 -0400
At Cornell, we do not have a shared resource but rather have focused on building a strong relationship between the IT Security Office and University Audit. I support the Audit Office in performing such things as IT scans with interpretation if necessary and the Audit Office supports me in findings that support hte wider security mission. The Audit Office does a fine job of IT audits but, let's face it, between the two groups we have very different approaches to things. I see this as a good thing. I would rather focus on strong relationships with shared interests rather than a shared resource. sjs Steve Schuster Director, IT Security Office Cornell University sjs74 () cornell edu On Oct 24, 2007, at 2:43 PM, Matthew Dalton wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi! I was wondering if anyone on the list has had experience with a shared position between their internal audit and information security offices. We are investigating this possibility to assist our Audit department. We are currently trying to determine what, if any, job responsibilities would not become conflicts of interest between the two roles. Does anyone have any experience in this? Thanks! - -- Matthew Dalton Director of Information Security Office of Information Technology -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHH5JkVKUofGqW+twRAmIlAJ0X/G0YM9gyPniXz+vu4+EbgtfcDgCbBF4y hCSiYQcAwjW6wRE691PERwQ= =x+nW -----END PGP SIGNATURE-----
Attachment:
PGP.sig
Description: This is a digitally signed message part
Current thread:
- Shared Security/Audit Position Matthew Dalton (Oct 24)
- <Possible follow-ups>
- Re: Shared Security/Audit Position Gary Dobbins (Oct 24)
- Re: Shared Security/Audit Position Mclaughlin, Kevin (mclaugkl) (Oct 24)
- Re: Shared Security/Audit Position Joel Rosenblatt (Oct 24)
- Re: Shared Security/Audit Position Matthew Dalton (Oct 24)
- Re: Shared Security/Audit Position Steve Schuster (Oct 24)