Educause Security Discussion mailing list archives
Re: Question about INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION
From: Thomas Dugas <dugast () DUQ EDU>
Date: Mon, 19 Feb 2018 21:44:14 +0000
Hello, I am a huge fan of the HEISC Tools. They are tailored to our industry and crosswalk to industry standards. It has gone over so well our audit firm asks us to complete and update it every 2 years. Tom Dugas Director, Information Security/New Initiatives Duquesne University From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Valerie Vogel Sent: Friday, February 16, 2018 11:18 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Question about INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION Thanks Andy! I was about to respond with the same link. ☺ Raisha – You might also find these two tools useful – an IT Risk Register and an IT Governance Toolkit * https://library.educause.edu/resources/2015/10/it-risk-register<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flibrary.educause.edu%2Fresources%2F2015%2F10%2Fit-risk-register&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C0%7C636543947019701258&sdata=iMkdb1EnVE8O8qayXsY9fP%2BYvjiRd7aFTFIx1EDIG8A%3D&reserved=0> * https://library.educause.edu/resources/2017/12/it-governance-toolkit<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flibrary.educause.edu%2Fresources%2F2017%2F12%2Fit-governance-toolkit&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C0%7C636543947019701258&sdata=CM48OlxcAsPQhJCzR2V31PQFWvpixc2vDO9PoERFnJw%3D&reserved=0> Thank you, Valerie Valerie Vogel Senior Manager, Cybersecurity Program EDUCAUSE Uncommon Thinking for the Common Good direct: 202.331.5374 | twitter: @HEISCouncil | vvogel () educause edu<mailto:vvogel () educause edu> From: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> on behalf of Andrew Weisskopf <aweissko () BINGHAMTON EDU<mailto:aweissko () BINGHAMTON EDU>> Reply-To: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Date: Friday, February 16, 2018 at 8:13 AM To: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Subject: Re: [SECURITY] Question about INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION Raisha, Is this what you're looking for? https://library.educause.edu/resources/2015/11/information-security-program-assessment-tool<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flibrary.educause.edu%2Fresources%2F2015%2F11%2Finformation-security-program-assessment-tool&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C0%7C636543947019701258&sdata=NO4A0xEUh%2BZa%2BMUZ6Qj%2FIHYuVxngb38K7dl8gw%2B72Kk%3D&reserved=0> Also, if you haven't checked it out, the HEISC Information Security Guide (https://spaces.internet2.edu/display/2014infosecurityguide/Home<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fspaces.internet2.edu%2Fdisplay%2F2014infosecurityguide%2FHome&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C0%7C636543947019701258&sdata=6Up5KtFJ2ozmKRJ9VbOXyjWKerzK4eoEmqzni%2BzpHVM%3D&reserved=0>) is full of useful information and tools. --Andy Andrew Weisskopf Director of Security Operations and Chief Information Security Officer Binghamton University http://www.binghamton.edu/its/<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.binghamton.edu%2Fits%2F&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C0%7C636543947019701258&sdata=PiJxfTP97AHNeUc5m7YJUDzqd0pwrxMqcPT%2FKWezPX0%3D&reserved=0> Binghamton, NY 13902 (607) 777-6198 (W) aweissko () binghamton edu<mailto:aweissko () binghamton edu> On Fri, Feb 16, 2018 at 10:41 AM, Cobb, Raisha <cobbr () wssu edu<mailto:cobbr () wssu edu>> wrote: Greetings, Curious if anyone can point me to an updated or excel version of the above-referenced tool located here https://www.educause.edu/ir/library/pdf/SEC0421.pdf<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fir%2Flibrary%2Fpdf%2FSEC0421.pdf&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C1%7C636543947019701258&sdata=yac8kox%2F2LPSzx1CjIPbAy88hEN7ofdOFbwjig1qchI%3D&reserved=0>? Or, does another campus have a tool that they are willing to share? Thanks! Regards, Raisha Cobb – MSTM, CISSP, CBCP Executive Director of Communication Technology & Information Security Officer Office of Information Technology ♈ Winston-Salem State University ♈ 1209 Elva Jones Computer Science Building Winston-Salem, NC 27110 Main: (336) 750-2092 Fax: (336) 750-2093 Email: cobbr () wssu edu<mailto:cobbr () wssu edu> I'm protecting the privacy of your information the way I hope you'd protect mine. Learn more<https://na01.safelinks.protection.outlook.com/?url=https:%2F%2Fer.educause.edu%2F~%2Fmedia%2Fimages%2Fblogs%2F2017%2F9%2Ferob17532thumbnail.jpg%3Fla%3Den%26hash%3D79AB15EC6839527077BAC2AF76840293BE1BC785&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C0%7C636543947019701258&sdata=zPPl5prUsU07IU5MSHlyPiVkWhEdA7x6%2Bzn65SWecHk%3D&reserved=0>. #PrivacyAware #CyberAware [https://staysafeonline.org/wp-content/uploads/2017/09/dpd_english.jpg] NOTICE: Emails sent and received in the course of university business are subject to the North Carolina Public Records Act (N.C.G.S. §132-1 et seq.) and may be released to the public unless an exception applies.
Current thread:
- Question about INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION Cobb, Raisha (Feb 16)
- Re: Question about INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION Andrew Weisskopf (Feb 16)
- Re: Question about INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION Valerie Vogel (Feb 16)
- Re: Question about INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION Adam Menos (Feb 16)
- Re: Question about INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION Thomas Dugas (Feb 19)
- Re: Question about INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION Valerie Vogel (Feb 16)
- Re: Question about INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION Andrew Weisskopf (Feb 16)