Educause Security Discussion
mailing list archives
IT Security in Purchases and Contracts
From: Eric Galyon <Eric.Galyon () CUSYS EDU>
Date: Tue, 4 Sep 2007 08:37:18 -0600
I've attempting to research Higher Education practices in extending
University IT security policies to contracts and purchases. I'm
interested in speaking with any institution that has either:
1) Created specific processes which enforce specific reviews and/or
approvals of IT security aspects prior to purchase authorization.
2) Introduced specific written language into contracts, service
arrangement agreements, or RFPs requiring vendors to meet University IT
security policy requirements.
I'd be interested in knowing about institutions that have tackled either
of these issues; contact information would be a plus. I'll gladly
summarize my results and post them back to this list for others.
Technical Security Specialist
Office of Information Security
University of Colorado
Eric.Galyon () cusys edu
- IT Security in Purchases and Contracts Eric Galyon (Sep 04)