Home page logo

educause logo Educause Security Discussion mailing list archives

Re: Security Program: NIST, ISO, other?
From: "Davis, Thomas R" <tdavis () IU EDU>
Date: Fri, 18 Jan 2013 12:05:06 +0000

Indiana University's is based on ISO.  You can find more info here:


Tom Davis, CISSP, CISM
Chief Security Officer
Public Safety and Institutional Assurance
Indiana University

On Jan 17, 2013, at 9:36 AM, "Wright, A J (A. J.)" <ajw () TENNESSEE EDU> wrote:

Hello all,
At the University of Tennessee, our security program is based on the NIST 800 Series special publications rather than 
ISO 27001.  While we don’t claim to implement 100% of it (it wouldn’t be appropriate,) we’re making heavy use of 
FIPS199, 800-37, 800-53, 800-66, etc.
I’ve had staff calling and emailing around asking this, but I figured I’d ask this list also: what is your school’s 
security program based on?
A. J. Wright 
Chief Information Security Officer
University of Tennessee – System Administration
2309 Kingston Pike, Suite 131C
Knoxville, TN  37996-1717
Phone:  865-974-0637
Email: ajw () tennessee edu

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]