Page History

Campus Case Studies On This Page
Building an ISO /IEC 27001 Certified Information Security Management System Programs (ISMS) at University of Tampa, 2017)

EDUCAUSE Resources

• 7 Things You Should Know About Cloud Security, EDUCAUSE 7 Things You Should Know, 2010
• A Guide to Security Metrics, Presentation at the Security Professionals Conference, 2010
• Building Security into the RFP Process, Presentation at the Security Professionals Conference, 2010
• The Career of the IT Security Officer in Higher Education, ECAR Occasional Paper, 2009
• Cloud Computing: Clear Skies or Rain?, Presentation at the Security Professionals Conference, 2010
• Data Protection Contractual Language, Information Security Guide
• Do They Measure up? Assessing the Security Posture of Third-Party Service Providers, Presentation at the Security Professionals Conference, 2011
• Effective Management of Information Security and Privacy, EDUCAUSE Quarterly, Volume 29, #1, 2006
• Higher Education Information Security Governance Guide, Presentation at the Security Professionals Conference, 2010
• Hot Topic Discussion: Mobility, Telecommuting, and the Cloud. Presentation and discussion at the Security Professionals Conference, 2010
• Guidelines for Responding to Compulsory Legal Requests for Information, Information Security Guide
• Information Security and Internal Audit: Working Together, Security Professionals Conference, 2011
• Information Security and the Institutional Review Board: A Roadmap for Securing Research Data, Security Professionals Conference, 2011
• Information Security Governance, Information Security Guide
• Information Security Governance Assessment Tool, Information Security Guide
• Initiating Security Initiatives Through System-Wide IT Governance, Security Professionals Conference, 2011
• Information Security Program Self-Assessment Tool, EDUCAUSE Resource, 2013
• Information Security Governance: Standardizing the Practice of Information Security, ECAR Research Bulletin, 2008
• Process and Politics: IT Governance in Higher Education, ECAR Research Study, 2008
• Scale the Solution to the Problem, EDUCAUSE Quarterly, Volume 27, #1, 2004
• Security Considerations for Cloud Computing, Information Security Guide
• Stewards for Higher Education: Looking at Clouds & the Top-Ten Issues, EDUCAUSE Review, Volume 45, #3, 2010
• Structuring the IT Organization for Cloud Services, ECAR Research Bulletin 12, 2010 (login required)
• Surviving the Onslaught: Running a Security Program by Yourself, Presentation at the Security Professionals Conference, 2010
• The Shifting Landscape Strategic Security Model, Presentation at the Security Professionals Conference, 2010
• Top Information Security Concerns for Campus Executives & Data Stewards, Information Security Guide

Initiatives, Collaborations, & Other Resources

• Governing for Enterprise Security (GES) Implementation Guide, CMU/SEI Technical Note, 2007
• Information Security Advisory Council Charter, Appalachian State University, 2015
• Information Security Council Charter, University at Albany - SUNY, 2011
• Information Security Governance: A Call to Action, Corporate Governance Task Force Report, 2007
• IT Confidentiality Statement, University of Iowa, 2002