Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: IT Security in Purchases and Contracts
From: Sarah Stevens <sarah () STEVENS-TECHNOLOGIES COM>
Date: Tue, 4 Sep 2007 11:01:03 -0700

Are you the Eric Galyon from ACNS at CSU?


________________________________

From: Eric Galyon [mailto:Eric.Galyon () CUSYS EDU]
Sent: Tue 9/4/2007 7:37 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] IT Security in Purchases and Contracts



I've attempting to research Higher Education practices in extending University IT security policies to contracts and 
purchases.  I'm interested in speaking with any institution that has either:

 

1)  Created specific processes which enforce specific reviews and/or approvals of IT security aspects prior to purchase 
authorization.

 

2)  Introduced specific written language into contracts, service arrangement agreements, or RFPs requiring vendors to 
meet University IT security policy requirements.

 

I'd be interested in knowing about institutions that have tackled either of these issues; contact information would be 
a plus.  I'll gladly summarize my results and post them back to this list for others.

 

Thanks,

 

Eric Galyon

Technical Security Specialist

Office of Information Security

University of Colorado

(303) 492-9419

Eric.Galyon () cusys edu

 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault