http://connect.educause.edu/browse/content/lib_item/4979,249 http://connect.educause.edu/browse/content/lib_item/4979,249 http://connect.educause.edu/educause/images/e_rss.png events, concepts, and conversation from EDUCAUSE The EDUCAUSE Podcast Crew EDUCAUSE is a nonprofit association whose mission is to advance higher education by promoting the intelligent use of information technology. Our podcasts provide information about a range of topics including Leadership, Policy and Law, Teaching and Learning, Emerging Technologies, Open Source, Research Computing, Cyberinfrastructure, and Digitial Libraries. http://connect.educause.edu/browse/content/node/691/list/feed Recent library resources tagged with Government Documents, Laws, Testimonies or Reports and Security Planning. en http://connect.educause.edu/display/45241 <p>This federal register notice informs the public and interested stakeholders that the Department of Homeland Security (DHS) is making available for public review and comment ``Information Technology (IT) Security Essential Body of Knowledge (EBK): A Competency and Functional Framework for IT Security Workforce Development.'' This framework is intended to assist the public, private, and academic sectors with strategic IT security workforce development initiatives including professional development, training and education. The EBK is not an additional set of DHS guidelines, and it is not intended to represent a standard, directive, or policy by DHS. Instead, it further clarifies key IT security terms and concepts for well-defined competencies, identifies notional security roles, defines four primary functional perspectives, and establishes an IT Security Role, Competency, and Functional Matrix. </p> http://connect.educause.edu/display/45241#comments Cybersecurity Cybersecurity Policy Professional Development Security Certification Security Management Security Planning security training Workforce Issues Contributed by Organizations or Campuses Government Documents, Laws, Testimonies or Reports Tue, 09 Oct 2007 12:45:08 -0500 ckeller 45241 at http://connect.educause.edu http://connect.educause.edu/display/44968 <p>This publication focuses on developing and implementing information security metrics for an information security program. The processes and methodologies described in this guidance link information security performance to agency performance by leveraging agency-level strategic planning processes. The performance metrics developed according to this guide will enhance the ability of agencies to respond to a variety of federal government mandates and initiatives, including the Federal Information Security Management Act (FISMA) and the President's Management Agenda (PMA).<br />The goal of each agency information security program is to provide the appropriate level of protection to the agency's information resources. Information security has become an essential business function, critical to enabling agencies to conduct their operations and deliver services to the public. Each agency's information security program provides direct support to the agency mission. Information security performance metrics provide a means for the monitoring and reporting of agency implementation of security controls. They also help assess the effectiveness of these controls in appropriately protecting agency information resources in support of the agency's mission.</p> http://connect.educause.edu/display/44968#comments Cybersecurity Policy Security Management Security Metrics Security Planning Contributed by Organizations or Campuses Government Documents, Laws, Testimonies or Reports Wed, 22 Aug 2007 14:24:54 -0500 ckeller 44968 at http://connect.educause.edu http://connect.educause.edu/display/36167 <p>Pursuant to Homeland Security Presidential Directive (HSPD)-7, this National Infrastructure Protection Plan describes a comprehensive, integrated Federal plan for critical infrastructure and key resources protection, and designates specific Federal departments and agencies as Sector-Specific Agencies SSAs) responsible for protection activities in 17 specific critical infrastructure and key resource sectors.</p> http://connect.educause.edu/display/36167#comments Cybersecurity Cybersecurity Policy Security Architecture Security Planning Contributed by Organizations or Campuses Government Documents, Laws, Testimonies or Reports Fri, 25 Feb 2005 15:40:27 -0600 drupal 36167 at http://connect.educause.edu http://connect.educause.edu/display/36077 <p>The Corporate Information Security Working Group (CISWG) was originally convened in November 2003 by Representative Adam Putnam (R-FL). The Best Practices team surveyed available information security guidance. It concluded in its March 2004 report that much of this guidance is expressed at a relatively high level of abstraction and is therefore not immediately useful as actionable guidance without significant and often costly elaboration. In a subsequent phase convened in June 2004, the Best Practices and Metrics teams was charged with refining Information Security Program Elements and developing recommended Metrics supporting each of the elements. This report is the result of that effort and represents a resource that will help Board members, managers, and technical staff establish their own comprehensive structure of principles, policies, processes, controls, and performance metrics to support the people, process, and technology aspects of information security.</p> http://connect.educause.edu/display/36077#comments Cybersecurity Cybersecurity Policy Security Management Security Metrics Security Planning Security Policies Contributed by the Security Task Force Government Documents, Laws, Testimonies or Reports Wed, 12 Jan 2005 13:01:23 -0600 drupal 36077 at http://connect.educause.edu