Educause Security Discussion mailing list archives

Re: Federal Rules of Evidence

From: Ryan Hiebert <ryan () RYANHIEBERT COM>
Date: Wed, 7 Sep 2011 12:50:51 -0700

Indeed he did.  He just made the mistake of putting it in a different thread, so everybody is missing it.

On Sep 7, 2011, at 11:30 AM, Sarazen, Daniel wrote:

I’m pretty certain that Kevin said last week that, since he’s received so many requests, he would provide the group 
with a summation after he’s reviewed all the information and organizes it.
 
Thanks,

Dan
 
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Gordie 
Mah
Sent: Wednesday, September 07, 2011 2:17 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Federal Rules of Evidence
 
Hi Kevin
 
Please add me to the list too.
 
Thanks!
Gordie
 
-----------------
Gordie Mah
Information Technology Security Officer
Office of the Provost and Vice-President (Academic)
University of Alberta
780.492.8607 | gordie () ualberta ca

On Wed, Sep 7, 2011 at 12:13 PM, Walter Petruska <wpetruska () usfca edu> wrote:
And please add me to the list- this must be a record number of replies looking to be copied!

Walter Petruska CISA, CISSP, CGEIT
Information Security Officer
University of San Francisco




On Wed, Sep 7, 2011 at 10:48 AM, Bliven, Gary B. <Gary.Bliven () quinnipiac edu> wrote:
I’d love a copy as well.  Thanks.
 
-Gary
 
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Matthew Junod
Sent: Wednesday, September 07, 2011 1:26 PM

To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Federal Rules of Evidence
 
Kevin -
 
This would be great if posted to the list, but if you decide not to, I'd love to have a copy.
 
Thanks!

 
Matthew C. Junod
Information Security Officer
Owens Community College

"Mclaughlin, Kevin (mclaugkl)" <mclaugkl () UCMAIL UC EDU> 9/2/2011 10:18 AM >>>

Daniel:
We have a pretty comprehensive Standard Operating Procedure manual (SOP) that contains portions of what you are 
looking for but most likely not in a format that you might have in mind.  I can send you – and anyone else – a copy 
of the Investigations section if you want.  Just let me know.  Being an X-Fed and then state detective I think it 
covers chain of custody fairly well.  I can also send you our department retention schedule that covers 
active/inactive case retention limits.
 
- Kevin
 
 
Kevin L. McLaughlin,  CISM, CISSP, GIAC-GSLC, CRISC, PMP, ITIL Master Certified
Assistant Vice President, Information Security & Special Projects
University of Cincinnati
513-556-9177
 
The University of Cincinnati is one of America's top public research institutions and the region's largest employer, 
with a student population of more than 41,000.
 
 
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Bradley, Stephen W. Mr.
Sent: Friday, September 02, 2011 9:24 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Federal Rules of Evidence
 
I too would be interested in your findings.
 
thx
steve
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () listserv educause edu] On Behalf Of Mark 
Reboli
Sent: Friday, September 02, 2011 9:22 AM
To: SECURITY () listserv educause edu
Subject: Re: [SECURITY] Federal Rules of Evidence
 
daniel we do not have this in place but i would be very interested if you could share your results.  i would add a 
checklist would be great as well to ensure no step is missed.
 
m
Mark Reboli
Network/Telecom/IT security Manager
Misericordia University
570-674-6753
 
 
 
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Daniel 
Bennett
Sent: Friday, September 02, 2011 9:09 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Federal Rules of Evidence
 
Hello All,
 
I am wondering if anyone has developed guidelines, policy, or procedures that you follow for every IT investigation?  
This would cover chain of custody, line of authorities, retention of information, report formats, etc.  I am looking 
to standardize all investigations so if an internal investigation ever becomes civil or criminal all evidence will  
hold up.
 
Please reply on or off list.
 
Thanks,
 
Daniel Bennett
IT Security Analyst
Vice-Chair North Central PA Members Alliance
 
Pennsylvania College of Technology
One College Ave
Williamsport, PA 17701
 
P:570.329.4989
E:dbennett () pct edu
 


-- 
Walter Petruska CISSP, CISA, CGEIT
Information Security Officer
infosec.usfca.edu

University of San Francisco
Lone Mountain North - 2nd Floor
2130 Fulton Street
San Francisco, CA 94117
ITS Help Desk, Phone: 415-422-6668
Fax: 415-422-6719

Current thread:

Re: Federal Rules of Evidence, (continued)
- - - Re: Federal Rules of Evidence Carson, Larry (Sep 05)
    - Re: Federal Rules of Evidence Gene Spafford (Sep 05)
    - Everyone - I will be posting the SOP on Federal Rules of Evidence Early next week to the list Mclaughlin, Kevin (mclaugkl) (Sep 05)
    - Re: Federal Rules of Evidence Ambrosi, Thomas (Sep 06)
    - Re: Federal Rules of Evidence Indir Avdagic (Sep 06)
    - Re: Federal Rules of Evidence Matthew Junod (Sep 07)
    - Re: Federal Rules of Evidence Bliven, Gary B. (Sep 07)
    - Re: Federal Rules of Evidence Walter Petruska (Sep 07)
    - Re: Federal Rules of Evidence Gordie Mah (Sep 07)
    - Re: Federal Rules of Evidence Sarazen, Daniel (Sep 07)
    - Re: Federal Rules of Evidence Ryan Hiebert (Sep 07)
    - Re: Federal Rules of Evidence Mclaughlin, Kevin (mclaugkl) (Sep 07)
- Re: Federal Rules of Evidence Finney, George (Information Security Officer) (Sep 06)
- Re: Federal Rules of Evidence Dennis Bolton, sent from mobile (Sep 07)