Educause Security Discussion mailing list archives
Re: Information Systems and Security Audit
From: Emery Rudolph <erudolph () UMD EDU>
Date: Tue, 26 Feb 2013 21:20:00 +0000
Hello Frank, I am not answering your question directly, but did want to note the following. By nature, a firm that is hired to perform a security audit in a thorough manner will need access to all of your data, some of which is sensitive, so you will need to ensure that the firm is extremely reputable and mature. The process will involve many interviews of people, staff, administrators and review of existing policies and documented adherence to those policies, all of which takes a lot of time. Knowing that much, I would expect to pay a pretty penny because you really only get out of it what you put in. You may find firms that provide these services for a cut rate, but I would ask for and follow-up on all references or you may be completely dissatisfied with the results. That's not to say there are not good values out there, I am just suggesting that you first define what you are looking for and search for a firm that provides the best service. After that, explore costs. Very Best Regards, Emery Rudolph, MS Manager IT-ETI-PS Enterprise UNIX Services University of Maryland (301) 405-9379 http://www.umd.edu From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Frank Moore Sent: Tuesday, February 26, 2013 4:01 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Information Systems and Security Audit Colleagues, I am new in my current position and have come from a CIO position in Virginia in a public university. AT PLU I have discovered that while there have been surveys of information security here, there has not been a complete audit of all information systems and security. While on one hand it is nice not to have auditors constantly looking over your shoulder, it is a little disconcerting that a complete audit has never been done. Can anyone recommend a consultant/provider who can offer information security auditing services that are thorough and yet won't break the bank? Thank you, Frank Moore ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ F. X. Moore III Ph.D. Associate Provost: Information and Technology Services and CIO Pacific Lutheran University 12180 Park Avenue South Tacoma, WA 98447-003 (253) 535-7504 [voice] (253) 535-7315 [fax] moorefx () plu edu<mailto:moorefx () plu edu> ________________________________ No virus found in this message. Checked by AVG - www.avg.com<http://www.avg.com> Version: 2013.0.2899 / Virus Database: 2639/6118 - Release Date: 02/20/13
Current thread:
- Information Systems and Security Audit Frank Moore (Feb 26)
- Re: Information Systems and Security Audit Harry Hoffman (Feb 26)
- Re: Information Systems and Security Audit Frank Moore (Feb 26)
- Re: Information Systems and Security Audit Mitcham, Zachery S. (Feb 26)
- Re: Information Systems and Security Audit Emery Rudolph (Feb 26)
- Re: Information Systems and Security Audit Matt Morton (Feb 28)
- Re: Information Systems and Security Audit Frank Moore (Feb 28)
- Re: Information Systems and Security Audit Harry Hoffman (Feb 26)