Educause Security Discussion mailing list archives
<SPAM> Re: Shared Security/Audit Position
From: Chad McDonald <chad.mcdonald () GCSU EDU>
Date: Wed, 24 Oct 2007 15:33:51 -0400
I agree with Gary's comments. This may have the added benefit of buying your unit more credibility by tying it to the audit unit. I have found that people often have little understanding of what "information security" means. On the other hand, everyone knows what an auditor is, and are generally more likely to listen to an auditor rather than the security guy/gal. Chad McDonald, CISSP, CISA Chief Information Security Officer Georgia College & State University Phone 478.445.4473 Cell 478.454.8250 Fax 478.445.1202 Email chad.mcdonald () gcsu edu
Who authors policies and standards might come into play. It would be a conflict of interest for the audit role to author those, so if your security group does, it might be sticky. Matthew Dalton wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi! I was wondering if anyone on the list has had experience with a shared position between their internal audit and information security offices. We are investigating this possibility to assist our Audit department. We are currently trying to determine what, if any, job responsibilities would not become conflicts of interest between the two roles. Does anyone have any experience in this? Thanks! - -- Matthew Dalton Director of Information Security Office of Information Technology -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHH5JkVKUofGqW+twRAmIlAJ0X/G0YM9gyPniXz+vu4+EbgtfcDgCbBF4y hCSiYQcAwjW6wRE691PERwQ= =x+nW -----END PGP SIGNATURE------- Gary Dobbins, CISSP -- Director, Information Security University of Notre Dame, Office of Information Technologies
Current thread:
- <SPAM> Re: Shared Security/Audit Position Chad McDonald (Oct 24)
- <Possible follow-ups>
- <SPAM> Re: Shared Security/Audit Position Matthew Dalton (Oct 24)
- <SPAM> RE: Shared Security/Audit Position Jim Dillon (Oct 24)