Educause Security Discussion mailing list archives
Re: ISO 27000
From: "Payne, Shirley (scp8b)" <scp8b () VIRGINIA EDU>
Date: Fri, 15 Jan 2010 10:40:24 -0500
Leilani, The University of Virginia's information security program is based primarily upon the ISO 27002 standard and we are audited against the standard. The policy that authorizes alignment with ISO 27002 is posted at https://policy.itc.virginia.edu/policy/policydisplay?id=IRM-011. -Shirley Shirley C. Payne, CISSP Assistant Vice President for Information Security, Policy, and Records University of Virginia P.O. Box 400898 2400 Old Ivy Road, Room 166 Charlottesville, Virginia 22904-4898 (434) 924-4165 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Leilani Lauger Sent: Thursday, January 14, 2010 3:42 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] ISO 27000 We are trying to gather information about how our peers are using the ISO 27000 standards. Is anyone using standards to formally evaluate a security program or as a framework for building a new program? Are they being used as a complete body of work or to inform individual aspects of a security program? We appreciate any feedback. Thank you, Leilani Lauger Information Security Officer Loyola University Chicago 773.508.6086 llauger () luc edu
Current thread:
- ISO 27000 Leilani Lauger (Jan 14)
- <Possible follow-ups>
- Re: ISO 27000 Lorenz, Eva (Jan 14)
- Re: ISO 27000 Scott Sweren (Jan 15)
- Re: ISO 27000 Davis, Thomas R (Jan 15)
- Re: ISO 27000 Payne, Shirley (scp8b) (Jan 15)
- Re: ISO 27000 Drews, Jane E (Jan 15)
- Re: ISO 27000 Chris Bennett (Jan 15)
- Re: ISO 27000 Heidi Wachs (Jan 15)
- Re: ISO 27000 Alex Brown (Jan 15)
- Re: ISO 27000 Hugh Burley (Jan 18)
- Re: ISO 27000 Lorenz, Eva (Jan 19)