Educause Security Discussion mailing list archives
Re: ISO and Record Management
From: Theresa Semmens <theresa.semmens () NDSU EDU>
Date: Thu, 31 Jul 2014 15:13:52 +0000
I recommend that when you determine qualifications for the position that it include a degree or a focus in Business Administration along with those for security. ISO's are no longer strictly security focused. That person will need to have a strong sense of business processes for the purpose of aligning them with security standards and guidelines. Additionally, s/he will need to be able to multilingual - that is, speak in IT, business, academic, and student life languages. Make sure that the person can tell "stories" as opposed to "this is way it needs to be." If they can create a case (story) that is sensitive to the area, they will have greater success in implementing what is needed and will there will be ownership by the owners of the process. Theresa Theresa Semmens, CISA NDSU Chief IT Security Officer Office: 210D IACC Mail: NDSU Dept 4500 PO Box 6050 Fargo, ND 58108-6050 P: 701-231-5870 F: 701-231-8541 E: Theresa.Semmens () ndsu edu<mailto:Theresa.Semmens () ndsu edu> www.ndsu.edu/its/security From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Shamblin, Quinn Sent: Thursday, July 31, 2014 9:53 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] ISO and Record Management We have an ISO with a staff, a separate Records Management function (shared across a number of people) Quinn R Shamblin . Executive Director of Information Security, Boston University From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Dennis Levine Sent: Thursday, July 31, 2014 10:44 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] ISO and Record Management Hi All, We're trying to get a sense of how many schools have an ISO, have a separate Records Manager and if anyone has combined the two positions? If you have an ISO, is that the only function of the position or are there other job duties performed by that position? Thanks, Dennis Levine Dennis Levine | Network and Security Administrator | 120 Boylston Street Boston, MA 02116-4624 | (617) 824-8972 | Dennis_Levine () emerson edu<mailto:Dennis_Levine () emerson edu> | www.emerson.edu [emerson]
Current thread:
- ISO and Record Management Dennis Levine (Jul 31)
- Re: ISO and Record Management Shamblin, Quinn (Jul 31)
- Re: ISO and Record Management Theresa Semmens (Jul 31)
- Re: ISO and Record Management Emilie Kunze - ACC (Jul 31)
- Re: ISO and Record Management randy (Jul 31)
- Re: ISO and Record Management Walters, Caroline (cw8de) (Aug 01)
- Re: ISO and Record Management randy (Jul 31)
- Re: ISO and Record Management Shamblin, Quinn (Jul 31)