Educause Security Discussion mailing list archives
Re: ISO Cybersecurity Umbrella Policy
From: Laura Raderman <lraderman () CMU EDU>
Date: Tue, 3 Mar 2020 15:16:15 +0000
CMU’s overarching policy is simple: https://www.cmu.edu/policies/information-technology/information-security-policy.html We just published updated guidelines that cover the expected controls at each level of our data classification at: https://www.cmu.edu/iso/governance/guidelines/data-protection/index.html The Guidelines are intentionally rather vague to allow for different ways to implement them. We’re working closely with our various system teams to create standards that give more concrete examples of how the guidelines should be met, but we’re not there yet. Laura Laura Raderman ISO Policy & Compliance Coordinator Carnegie Mellon University lraderman () cmu edu
On Mar 3, 2020, at 9:07 AM, Schwartz, John <jschwartz () WPI EDU> wrote: Hello All, We are currently in the process of refreshing our Security Policies, and based on feedback from our Trustees, we are looking to create "overarching" Cybersecurity Umbrella Policy that covers a range of IT security controls from hardware, software and access control to network security. Does anyone have a similar policy that you would be willing to share? Thank you. John Schwartz – CRISC, CISA, CIA Chief Information Security Officer (CISO) <image001.png> Worcester Polytechnic Institute 100 Institute Road Worcester, MA. 01609-2280 USA e-mail: jschwartz () wpi edu p: 508-831-6868 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- ISO Cybersecurity Umbrella Policy Schwartz, John (Mar 03)
- Re: ISO Cybersecurity Umbrella Policy Rob Milman (Mar 03)
- Re: ISO Cybersecurity Umbrella Policy randy (Mar 03)
- Re: ISO Cybersecurity Umbrella Policy Laura Raderman (Mar 03)
- Re: ISO Cybersecurity Umbrella Policy Robert Smith (Mar 03)
- Re: ISO Cybersecurity Umbrella Policy Sol Bermann (Mar 04)
- Re: ISO Cybersecurity Umbrella Policy Robert Smith (Mar 03)