IT Policy Forum, Tuesday, May 1st, 2012, 11:30-1:00, Memorial Union (check TITU)
Here are the discussion results.
Bruce Maas, Vice Provost for Information Technology
2. Revision of Information Incident Reporting and Response Policy (IReport revisions)
Jim Lowe, Chief Information Security Officer
- Before/after comparison of the most significant change in the policy, PDF
- Draft policy and procedure, PDF
Small group disucussion:
- What are your thoughts on reporting of incidents involving restricted data, and on OCIS investigating all those reports?
- The proposed revision includes a template procedure for departments, intended to make it easier to organize incident reporting. Would this be useful? Suggested changes?
See IReport Policy Drafts Archive for version 2012-05-03 that incorporates changes suggested at the forum.
3. Drafts for storage, transmission and encryption of sensitive information (IEncrypt revision)
Draft policy and standards
(combines storage and transmission into one policy and one set of standards)
Phil Saunders (Enrollment Management)
Revisions to Storage, Transmission, and Encryption of Sensitive Information, PDF
5. Closing and evaluations