Educause Security Discussion mailing list archives
Re: Best practice: IT polices and standards
From: Ben Woelk <fbwis () RIT EDU>
Date: Thu, 30 Sep 2010 14:27:29 -0400
Nick, Our policy and standards process and documents are on our website. Our information security policy gives us the ability to create standards without engaging a university policy committee. We worked to establish a comparatively lightweight process so that we could be a little more agile. All of our standards follow a similar template. We also produce Plain English Guides to help users understand the requirements of the standards. You’re welcome to use any of our materials. Please contact me directly if you need more information or Word docs. http://security.rit.edu/standards/index.html Ben Woelk '07 Policy and Awareness Analyst Information Security Office Rochester Institute of Technology ROS 10-A204 151 Lomb Memorial Drive Rochester, New York 14623 585.475.4122 585.475.7920 fax ben.woelk () rit edu<mailto:ben.woelk () rit edu> http://security.rit.edu/dsd.html Become a fan of RIT Information Security at http://rit.facebook.com/RITInfosec<http://rit.facebook.com/profile.php?id=6017464645> Follow us on Twitter: http://twitter.com/RIT_InfoSec CONFIDENTIALITY NOTE: The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Nick Recchia Sent: Thursday, September 30, 2010 2:11 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Best practice: IT polices and standards Hello Folks, My department is currently planning to revamp our IT Policies. We lack consistency and I am striving to create a cohesive and uniform style for all IT polices and standards (current and new). There are varying ways University IT Policies are configured and structured - some very detailed and others not - I was wondering if any of you have a Policy template you find successful and would be willing to share your template. Further, perhaps you'd also be willing to share your interpretation of why you find your format success? I am currently considering to appropriate Cornell University's style, but some aspects may be beyond our departmental abilities - note, we do not have a University Policy Office. Please feel free to contact me direct. Thank you for your time. Sincerely, Nick -- Nicholas Recchia Security Administrator ITS - Security Services infosec.usfca.edu<http://infosec.usfca.edu>
Current thread:
- Best practice: IT polices and standards Nick Recchia (Sep 30)
- Re: Best practice: IT polices and standards DiGrazia, Mick A (Sep 30)
- Re: Best practice: IT polices and standards Ben Woelk (Sep 30)
- Re: Best practice: IT polices and standards Kimberly Heimbrock (Sep 30)
- Re: Best practice: IT polices and standards Dave Kovarik (Sep 30)
- Re: Best practice: IT polices and standards Basgen, Brian (Sep 30)
- Social media policies Plesco, Todd (Sep 30)
- Re: Social media policies Ken Connelly (Sep 30)
- Re: Social media policies James Farr '05 (Sep 30)
- Re: Social media policies Roger Safian (Sep 30)
- Re: Social media policies Moore, Frank (Sep 30)
- Re: Social media policies Hugh Burley (Sep 30)
- Re: Social media policies Ken Connelly (Sep 30)
- Re: Best practice: IT polices and standards Hugh Burley (Sep 30)