Educause Security Discussion mailing list archives
Re: Security Program: NIST, ISO, other?
From: "Stephen C. Gay" <sgay () KENNESAW EDU>
Date: Thu, 17 Jan 2013 12:03:17 -0500
Kennesaw State University utilizes ISO27002 while also incorporating the metric requirements included in CoBIT. We have just recently started looking into incorporating the SANS 20 Critical Controls. Stephen C Gay CISSP CISA ITS Associate Director - Information Security Office KSU Information Security Officer Kennesaw State University sgay () kennesaw edu ----- Original Message ----- From: "A J Wright (A. J.)" <ajw () TENNESSEE EDU> To: SECURITY () LISTSERV EDUCAUSE EDU Sent: Thursday, January 17, 2013 9:36:30 AM Subject: [SECURITY] Security Program: NIST, ISO, other? Hello all, At the University of Tennessee, our security program is based on the NIST 800 Series special publications rather than ISO 27001. While we don’t claim to implement 100% of it (it wouldn’t be appropriate,) we’re making heavy use of FIPS199, 800-37, 800-53, 800-66, etc. I’ve had staff calling and emailing around asking this, but I figured I’d ask this list also: what is your school’s security program based on? Thanks, ajw -- A. J. Wright Chief Information Security Officer University of Tennessee – System Administration 2309 Kingston Pike, Suite 131C Knoxville, TN 37996-1717 Phone: 865-974-0637 Email: ajw () tennessee edu
Current thread:
- Re: Security Program: NIST, ISO, other?, (continued)
- Re: Security Program: NIST, ISO, other? Shamblin, Quinn (Jan 17)
- Re: Security Program: NIST, ISO, other? Dan Sarazen (Jan 17)
- Re: Security Program: NIST, ISO, other? Alan (Jan 17)
- Re: Security Program: NIST, ISO, other? Christopher Jones (Jan 17)
- Re: Security Program: NIST, ISO, other? Lorenz, Eva (Jan 17)
- Re: Security Program: NIST, ISO, other? Shamblin, Quinn (Jan 17)
- Re: Security Program: NIST, ISO, other? Valerie Vogel (Jan 17)
- Re: Security Program: NIST, ISO, other? Lorenz, Eva (Jan 17)
- Re: Security Program: NIST, ISO, other? Steven Alexander (Jan 17)
- Re: Security Program: NIST, ISO, other? Dan Sarazen (Jan 17)
- Re: Security Program: NIST, ISO, other? Blake Penn (Jan 18)
- Re: Security Program: NIST, ISO, other? Stephen C. Gay (Jan 17)
- Re: Security Program: NIST, ISO, other? Davis, Thomas R (Jan 18)
- Re: Security Program: NIST, ISO, other? Payne, Shirley (scp8b) (Jan 18)