Educause Security Discussion mailing list archives
Re: Organization of IT compliance responsibilities
From: "Lazarus, Carolann" <lazarus () BUFFALO EDU>
Date: Wed, 5 Feb 2014 14:05:47 +0000
Nick I'm not sure how much help it will be for your specific question, but you could try the SCCE Society for Corporate Compliance and Ethics https://www.corporatecompliance.org/ . They have a large segment of their membership related to higher ed. I attended their annual Higher Ed compliance conference last year. You should be able to find some resources for setting up a compliance program through them, I'm just not sure if they have anything focused on just IT security. We don't have a compliance officer/office yet, but there are a number out there. Carolann Lazarus Internal Audit lazarus () buffalo edu 716-829-6947 -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Nick Lewis Sent: Tuesday, February 04, 2014 1:23 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Organization of IT compliance responsibilities Hi everyone, We have internally been discussing compliance recently. I'm working through the Higher Education Compliance Alliance resources to see what is already out there. The IT security and compliance program we are setting up is going to be proposed as an enterprise wide initiative, but only around IT security. I am trying to understand if anyone has their information security programs reporting into a formal Compliance Office/Officer? Or even a formal Compliance Office/Officer at their university? Thanks, Nick -- Nick Lewis Information Security Officer - Director, IT Security and Compliance ITS IT Security and Compliance Email: nlewis10 () slu edu - Phone: 314-977-1786
Current thread:
- Organization of IT compliance responsibilities Nick Lewis (Feb 04)
- Re: Organization of IT compliance responsibilities Joanna Grama (Feb 04)
- Re: Organization of IT compliance responsibilities Lazarus, Carolann (Feb 05)