...
- What is Information Security Governance and What it is Not
- Why Information Security Governance is Needed
- How to Govern Information Security
- Organizational Structure
- Roles and Responsibilities
- Strategic Planning
- Policy
- Compliance
- Risk Management
- Measuring and Reporting Performance
- Governance Models and Success Stories
Building
...
ISO
...
27001 Certified Information Security
...
Programs (
...
University of Tampa
...
, 2017)
This case study describes a decision and process used by the University of Tampa to go beyond compliance with ISO 27002 (essentially the controls portion of the ISO standard) and become certified under 27001 (ISO/IEC 27001:2005 2013 Information technology -- Security techniques -- Specification for an Information Security Management System) which required complete commitment from top management.
...
Panel |
---|
|
Campus Case Studies On This Page Building an ISO /IEC 27001 Certified Information Security Management System Programs (ISMS) at University of Tampa, 2017) EDUCAUSE Resources - 7 Things You Should Know About Cloud Security, EDUCAUSE 7 Things You Should Know, 2010
- A Guide to Security Metrics, Presentation at the Security Professionals Conference, 2010
- Building Security into the RFP Process, Presentation at the Security Professionals Conference, 2010
- The Career of the IT Security Officer in Higher Education, ECAR Occasional Paper, 2009
- Cloud Computing: Clear Skies or Rain?, Presentation at the Security Professionals Conference, 2010
- Data Protection Contractual Language, Information Security Guide
- Do They Measure up? Assessing the Security Posture of Third-Party Service Providers, Presentation at the Security Professionals Conference, 2011
- Effective Management of Information Security and Privacy, EDUCAUSE Quarterly, Volume 29, #1, 2006
- Higher Education Information Security Governance Guide, Presentation at the Security Professionals Conference, 2010
- Hot Topic Discussion: Mobility, Telecommuting, and the Cloud. Presentation and discussion at the Security Professionals Conference, 2010
- Guidelines for Responding to Compulsory Legal Requests for Information, Information Security Guide
- Information Security and Internal Audit: Working Together, Security Professionals Conference, 2011
- Information Security and the Institutional Review Board: A Roadmap for Securing Research Data, Security Professionals Conference, 2011
- Information Security Governance, Information Security Guide
- Information Security Governance Assessment Tool, Information Security Guide
- Initiating Security Initiatives Through System-Wide IT Governance, Security Professionals Conference, 2011
- Information Security Program Self-Assessment Tool, EDUCAUSE Resource, 2013
- Information Security Governance: Standardizing the Practice of Information Security, ECAR Research Bulletin, 2008
- Process and Politics: IT Governance in Higher Education, ECAR Research Study, 2008
- Scale the Solution to the Problem, EDUCAUSE Quarterly, Volume 27, #1, 2004
- Security Considerations for Cloud Computing, Information Security Guide
- Stewards for Higher Education: Looking at Clouds & the Top-Ten Issues, EDUCAUSE Review, Volume 45, #3, 2010
- Structuring the IT Organization for Cloud Services, ECAR Research Bulletin 12, 2010 (login required)
- Surviving the Onslaught: Running a Security Program by Yourself, Presentation at the Security Professionals Conference, 2010
- The Shifting Landscape Strategic Security Model, Presentation at the Security Professionals Conference, 2010
- Top Information Security Concerns for Campus Executives & Data Stewards, Information Security Guide
Initiatives, Collaborations, & Other Resources - Governing for Enterprise Security (GES) Implementation Guide, CMU/SEI Technical Note, 2007
- Information Security Advisory Council Charter, Appalachian State University, 2015
- Information Security Council Charter, University at Albany - SUNY, 2011
- Information Security Governance: A Call to Action, Corporate Governance Task Force Report, 2007
- IT Confidentiality Statement, University of Iowa, 2002
|
...