Educause Security Discussion mailing list archives

Re: PCI Responsability

From: "Lazarus, Carolann" <lazarus () BUFFALO EDU>
Date: Fri, 6 Apr 2018 19:12:09 +0000

Same here – IT advises (both security and technical) Controller and Financial Management under the VP Finance has 
ultimate responsibility.  We have a PCI compliance group that will soon morph into a standing PCI Compliance Committee 
that will have oversight responsibilities.

Carolann Lazarus
716-829-6947
lazarus () buffalo edu<mailto:lazarus () buffalo edu>

From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Ken Connelly
Sent: Friday, April 6, 2018 12:30 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] PCI Responsability

IT Security advises on the technical aspects but the responsibility for compliance lies under the VP for Finance and 
Operations, specifically Business Operations and Cashiers offices.

- ken
On 4/6/18 10:18 AM, Ronald King wrote:
Good morning colleagues,

I wanted to reach out to you to ask what division or department in your institution is ultimately accountable for PCI 
compliance. Is it your IT, Finance or another department/division? Why?

Do you have a dedicated employee, contractor or team overseeing compliance to PCI?

As always, feel free to reach me directly.

Thank you and have a great weekend!
Ron
Ronald A. King, CISSP
Chief Information Security Officer
Morgan State University                                                                                     Office: 
(443) 885-3372
1700 E. Cold Spring Ln.                                                                                      Email: 
ronald.king () morgan edu<mailto:ronald.king () morgan edu>
Baltimore, MD 21251                                                                            URL:               
http://www.morgan.edu

                                             Growing the future ... Leading the 
world<http://www.morgan.edu/Documents/ABOUT/StrategicPlan/StrategicPlan2011-21_Final.pdf>




--

- Ken

=================================================================

Ken Connelly                       Director, Information Security

Information Security Officer          University of Northern Iowa

email: Ken.Connelly () uni edu<mailto:Ken.Connelly () uni edu>   p: (319) 273-5850 f: (319) 273-7373



Any request to divulge your UNI password via e-mail is fraudulent!

Current thread:

PCI Responsability Ronald King (Apr 06)
- Re: PCI Responsability Charles Curtis (Apr 06)
  - Re: PCI Responsability Ronald King (Apr 06)
- Re: PCI Responsability Pardonek, Jim (Apr 06)
  - Re: PCI Responsability Sunil Singh (Apr 06)
    - Re: PCI Responsability Nevin, Dave (Apr 06)
    - Re: PCI Responsability Jason Edelstein (Apr 06)
    - Re: PCI Responsability Ben Marsden (Apr 06)
    - Re: PCI Responsability Josh Callahan (Apr 06)
- Re: PCI Responsability Ken Connelly (Apr 06)
  - Re: PCI Responsability Lazarus, Carolann (Apr 06)
    - Security Onion - IDS build Sunil Singh (Apr 07)
- Re: PCI Responsability Laura Raderman (Apr 06)
- Re: PCI Responsability Rob Milman (Apr 06)
- Re: PCI Responsability Penn, Blake C (Apr 09)
  - Re: PCI Responsability Dennis Bolton (Apr 09)
    - Re: PCI Responsability Ronald King (Apr 13)
- <Possible follow-ups>
- Re: PCI Responsability Carlos S Lobato (Apr 06)
  - Re: PCI Responsability Ronald King (Apr 06)