Educause Security Discussion mailing list archives

Re: ISO 27000


From: Alex Brown <alex.brown () NERDSONSITE COM>
Date: Fri, 15 Jan 2010 14:44:48 -0500

Hi Leilani,

You definitely want to take a look at the work done by Tammy Clark, CISO
of Georgia State University, on this matter.

http://www.educause.edu/Community/MemDir/Profiles/TammyLClark/45126

Tammy Clark spearheaded the implementation of the ISO 27001/2 standard
for GSU back in 2005 and I believe GSU (particularly the Security
Department and the Finance & Administration Department) is still the
only university in the country to receive ISO 27001 certification from
BSI.  She has done some great work for Educause and her presentations
and publications can be found at the link above.

The following document gives some more background on their certification:

http://www.educause.edu/Resources/ImplementingInformationSecurit/163240

Tammy is a fountain of wisdom on this subject.

Alex
--
I live to serve




Leilani Lauger wrote:
We are trying to gather information about how our peers are using the
ISO 27000 standards.  Is anyone using standards to formally evaluate a
security program or as a framework for building a new program?  Are
they being used as a complete body of work or to inform individual
aspects of a security program?

We appreciate any feedback.

Thank you,

Leilani Lauger
Information Security Officer
Loyola University Chicago
773.508.6086
llauger () luc edu
