Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Question about INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION

From: Thomas Dugas <dugast () DUQ EDU>
Date: Mon, 19 Feb 2018 21:44:14 +0000
Hello,

I am a huge fan of the HEISC Tools. They are tailored to our industry and crosswalk to industry standards. It has gone 
over so well our audit firm asks us to complete and update it every 2 years.

Tom Dugas
Director, Information Security/New Initiatives
Duquesne University

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Valerie 
Vogel
Sent: Friday, February 16, 2018 11:18 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Question about INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION

Thanks Andy! I was about to respond with the same link. ☺

Raisha – You might also find these two tools useful – an IT Risk Register and an IT Governance Toolkit

  *   
https://library.educause.edu/resources/2015/10/it-risk-register<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flibrary.educause.edu%2Fresources%2F2015%2F10%2Fit-risk-register&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C0%7C636543947019701258&sdata=iMkdb1EnVE8O8qayXsY9fP%2BYvjiRd7aFTFIx1EDIG8A%3D&reserved=0>
  *   
https://library.educause.edu/resources/2017/12/it-governance-toolkit<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flibrary.educause.edu%2Fresources%2F2017%2F12%2Fit-governance-toolkit&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C0%7C636543947019701258&sdata=CM48OlxcAsPQhJCzR2V31PQFWvpixc2vDO9PoERFnJw%3D&reserved=0>

Thank you,
Valerie

Valerie Vogel
Senior Manager, Cybersecurity Program

EDUCAUSE
Uncommon Thinking for the Common Good
direct: 202.331.5374 | twitter: @HEISCouncil | vvogel () educause edu<mailto:vvogel () educause edu>
From: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> on 
behalf of Andrew Weisskopf <aweissko () BINGHAMTON EDU<mailto:aweissko () BINGHAMTON EDU>>
Reply-To: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Date: Friday, February 16, 2018 at 8:13 AM
To: Security Discussion Group List <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Subject: Re: [SECURITY] Question about INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION

Raisha, Is this what you're looking for?

https://library.educause.edu/resources/2015/11/information-security-program-assessment-tool<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flibrary.educause.edu%2Fresources%2F2015%2F11%2Finformation-security-program-assessment-tool&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C0%7C636543947019701258&sdata=NO4A0xEUh%2BZa%2BMUZ6Qj%2FIHYuVxngb38K7dl8gw%2B72Kk%3D&reserved=0>

Also, if you haven't checked it out, the HEISC Information Security Guide 
(https://spaces.internet2.edu/display/2014infosecurityguide/Home<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fspaces.internet2.edu%2Fdisplay%2F2014infosecurityguide%2FHome&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C0%7C636543947019701258&sdata=6Up5KtFJ2ozmKRJ9VbOXyjWKerzK4eoEmqzni%2BzpHVM%3D&reserved=0>)
 is full of useful information and tools.

--Andy


Andrew Weisskopf

Director of Security Operations and Chief Information Security Officer

Binghamton University

http://www.binghamton.edu/its/<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.binghamton.edu%2Fits%2F&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C0%7C636543947019701258&sdata=PiJxfTP97AHNeUc5m7YJUDzqd0pwrxMqcPT%2FKWezPX0%3D&reserved=0>



Binghamton, NY  13902

(607) 777-6198 (W)

aweissko () binghamton edu<mailto:aweissko () binghamton edu>

On Fri, Feb 16, 2018 at 10:41 AM, Cobb, Raisha <cobbr () wssu edu<mailto:cobbr () wssu edu>> wrote:
Greetings,

Curious if anyone can point me to an updated or excel version of the above-referenced tool located here 
https://www.educause.edu/ir/library/pdf/SEC0421.pdf<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fir%2Flibrary%2Fpdf%2FSEC0421.pdf&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C1%7C636543947019701258&sdata=yac8kox%2F2LPSzx1CjIPbAy88hEN7ofdOFbwjig1qchI%3D&reserved=0>?
  Or, does another campus have a tool that they are willing to share?

Thanks!


Regards,

Raisha Cobb – MSTM, CISSP, CBCP
Executive Director of Communication Technology  & Information Security Officer
Office of Information Technology
♈ Winston-Salem State University ♈
1209 Elva Jones Computer Science Building
Winston-Salem, NC 27110

Main: (336) 750-2092     Fax: (336) 750-2093
Email: cobbr () wssu edu<mailto:cobbr () wssu edu>



I'm protecting the privacy of your information the way I hope you'd protect mine. Learn 
more<https://na01.safelinks.protection.outlook.com/?url=https:%2F%2Fer.educause.edu%2F~%2Fmedia%2Fimages%2Fblogs%2F2017%2F9%2Ferob17532thumbnail.jpg%3Fla%3Den%26hash%3D79AB15EC6839527077BAC2AF76840293BE1BC785&data=02%7C01%7Cdugast%40DUQ.EDU%7Ce495cd2b5c294e156d0a08d57558e3b3%7C12c44311cf844e4195c38df690b1eb61%7C0%7C0%7C636543947019701258&sdata=zPPl5prUsU07IU5MSHlyPiVkWhEdA7x6%2Bzn65SWecHk%3D&reserved=0>.
#PrivacyAware #CyberAware
[https://staysafeonline.org/wp-content/uploads/2017/09/dpd_english.jpg]

NOTICE: Emails sent and received in the course of university business are subject to the North Carolina Public Records 
Act (N.C.G.S. §132-1 et seq.) and may be released to the public unless an exception applies.

Previous By Date Next
Previous By Thread Next

Current thread: