Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: sample audit RFP
From: Georgia Killcrece <georgia () CERT ORG>
Date: Wed, 19 Sep 2007 09:52:53 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Jason,

Youngquist, Jason R. wrote:
Does anyone have a sample RFP for a comprehensive IT security audit that
you would be willing to share?

Thanks.
Jason Youngquist
Network Engineer - Security
Technology Services
Columbia College
1001 Rogers Street, Columbia, MO  65216
(573) 875-7334
jryoungquist () ccis edu
http://www.ccis.edu

I saw your message about the RFP for IT security audit, and although it
is not specifically an audit tool, you might want to have a look at
our Incident Management Capability Metrics at

http://www.cert.org/csirts/metrics.html

It looks at practices within the end-to-end incident management
activities and can be used in a 'self-assessment' approach.  This
method is currently being used within the DoD community where all their
computer network defense 'service providers' must be certified and
accredited.  It has also been transitioned to the Federal government
agencies (who are using it as a self-assessment tool).  From that
work, the SEI has been able to take the work and transition it out
to a broader community.

Take a look and if you find that it is of use, we'd be interested
in your feedback.

Georgia
- --

Georgia Killcrece

CERT(R)-Certified Computer Security Incident Handler
CSIRT Development Team
CERT(R) Program
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890 U.S.A.

Telephone: +1-412-268-5760
Fax: +1-412-268-6989

Key ID: 0xFA1A135E
Fingerprint: 0089 77C6 5BEB 810A 1C35 96A5 47A8 F036 FA1A 135E

http://www.cert.org/
http://www.cert.org/csirts/
http://www.cert.org/training/

The CERT Coordination Center is part of the Software Engineering
Institute (SEI). The SEI is sponsored by the U.S. Department of Defense.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)

iD8DBQFG8Sm0R6jwNvoaE14RAlM4AKCTbwhwb2jYQYBEcRWzii6AK8xLQgCeLsvI
+no/IDCbZSTihIFw4jpCD/0=
=DP7Q
-----END PGP SIGNATURE-----

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault