Educause Security Discussion mailing list archives

Re: Baseline Controls Checklist for Project Management Office?

From: Shelton Waggener <swaggener () INTERNET2 EDU>
Date: Sat, 4 Mar 2017 00:57:59 +0000

Two resources for you:

Educause and community members have just completed an update to HEISC security program assessment tool.
https://library.educause.edu/resources/2015/11/information-security-program-assessment-tool

The Cloud Security Alliance has done some nice work that higher education has contributed  elements to as well:
https://cloudsecurityalliance.org/group/cloud-controls-matrix/


Shel Waggener
Senior Vice President - Internet2
office: 510-858-0881
twitter: shelwaggener

Assistant: Elaine Alejo
<ealejo () internet2 edu<mailto:ealejo () internet2 edu>>
office: 510-858-0881

Follow us on Twitter: www.twitter.com/internet2<http://www.twitter.com/internet2>
Become a Fan on Facebook: www.internet2.edu/facebook<http://www.internet2.edu/facebook>

[cid:image001.png@01D2943F.4F1F0850]


From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of David Treble 
<David.Treble () UMANITOBA CA>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Friday, March 3, 2017 at 11:40 AM
To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Baseline Controls Checklist for Project Management Office?


Hello everyone,

We are in the midst of preparing some Information Security baseline controls for our Project Management Office to use.  
We are wondering if anyone has a template or checklist they use for this purpose they are able to share.

Our goal is to get the PMO to be proactive with implementing controls early in the project process.   Based on the 
checklist results we can then do a deeper dive on any gaps during the Risk Assessment process.  We have limited time 
and resources, so our TRA's are often done in parallel to the design and build and while we try to get our 
recommendations in early, the more guidance the PMO has out of the gate the better.

Thanks!

David Treble
IT Security Coordinator
University of Manitoba

Current thread:

Baseline Controls Checklist for Project Management Office? David Treble (Mar 03)
- <Possible follow-ups>
- Re: Baseline Controls Checklist for Project Management Office? Shelton Waggener (Mar 03)