IT RISK MANAGEMENT ITS All Staff Meeting Jason Pufahl, CISO

Slides:



Advertisements
Similar presentations
Tenace FRAMEWORK and NIST Cybersecurity Framework Block IDENTIFY.
Advertisements

Institutional Insurance: Creating a Comprehensive Campus-wide IT Security Risk Management Program Brian Davis IT Security & Policy Office of Information.
NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.
Litigation Holds: Don’t Live in Fear of Spoliation Jason CISO – University of Connecticut October 30, 2014 Information Security Office.
Bill McClanahan – Principal Business Consultant LPS Integration.
(Insert Title of Project Here) Kickoff Meeting (Month Date, Year)
NIH Security, FISMA and EPLC Lots of Updates! Where do we start? Kay Coupe NIH FISMA Program Coordinator Office of the Chief Information Officer Project.
BNSF Ethics and Compliance Program Roger Nober Executive Vice President Law and Secretary July 13, 2011.
Presented By: Thelma Ameyaw Security Management TEL2813 4/18/2008Thelma Ameyaw TEL2813.
August 9, 2005 UCCSC IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.
Risk Management at ANZ Banking Group Jun 18, 2008 Patrick Zhu Head of Retail Risk China Partnerships.
ECM Base Compliance Input Messaging & Alert Compliance dashboard Compliance Monitoring Internal & External Audit Tracking Access Control Compliance & Financial.
Information Security for the Data Management Professional Micheline Casey Chief Data Officer Federal Reserve Board.
The Here and Now of Higher Ed IT Governance, Risk, and Compliance Efforts Jacqueline Bichsel, PhD Senior Research Analyst EDUCAUSE AIRI, May 8, 2014.
Departmental Risk Assessment Coordinators (DRAC) Program CUVA Conference May 23, 2012 Mason Inn George Mason University Robert Nakles and Josh Schiefer.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
FHWA Reorganization Update Program Performance Management Standing Committee on Performance Management Meeting Detroit, MI October 14, 2011 Peter Stephanos.
Donald Rosen and Cindy Smolovik National Archives and Records Administration Office of the Chief Records Officer BRIDG Meeting August 21, 2013 Managing.
Homeland Security UNCLASSIFIED United States Coast Guard Office of Port and Facility Compliance (CG-FAC) Cyber Security and the Marine Transportation System.
Disaster Recover Planning & Federal Information Systems Management Act Requirements December 2007 Central Maryland ISACA Chapter.
Federal Information Security Management Act (FISMA) By K. Brenner OCIO Internship Summer 2013.
REC support is. provided under cooperative agreement 90RC0025/01 from the Office of the National Coordinator for HIT, US Dept. of Health and Human Services.
Evaluating gifted and talented students January 2007.
Frontline Enterprise Security
Placing Information Security within an Organization
Information Security IBK3IBV01 College 3 Paul J. Cornelisse.
MATCHING DATA with IT SERVICES Berkeley Data Authorization Process CISPC, April 19, 2012 Lisa Ho, IT Policy Manager, Berkeley Privacy & Policy Office.
Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
CO – CART Project Status Protocol Revision Subcommittee Update 08/17/2006.
The Prevent Duty Guidance (under the Counter-Terrorism and Security Act 2015 ) was released by the Government in March 2015 which places a duty on schools,
ISACA: 2016 AND BEYOND MATT LOEB (CGEIT, CAE) ISACA CHIEF EXECUTIVE OFFICER.
Welcome Information Security Office Services Available to Counties Security Operations Center Questions.
Info-Tech Research Group1 1 Info-Tech Research Group, Inc. is a global leader in providing IT research and advice. Info-Tech’s products and services combine.
Info-Tech Research Group1 1 Info-Tech Research Group, Inc. is a global leader in providing IT research and advice. Info-Tech’s products and services combine.
Quantifying Cyber Security Risk in Dollars and Cents to Optimize Budgets CRM008 Speakers: Chris Cooper, VP, Operational Risk Officer; RGA Reinsurance Company.
Shared Services and Third Party Assurance: Panel May 19, 2016.
IT Vendor Management March, 2015 Peter Baskette Pratike Patel.
JMFIP Financial Management Conference
BruinTech Vendor Meet & Greet December 3, 2015
Thomas A. Baden Jr. | Commissioner and State Chief Information Officer
Office 365 Security Assessment Workshop
Decanal Task Force on Mental Health
JU September Stakeholder Engagement Conference Webinar #1
Learn about Office 365 Secure Score - actionable security analytics
Information Security Review Panel Report
Data Architecture World Class Operations - Impact Workshop.
Administrative Data Centre (ADC) ……. a GDPR ready data hub?
PROGRESS REPORT ON IMPLEMENTATION OF THE PUBLIC FINANCE MANAGEMENT ACT
Instructor Course Evaluation (ICE)
بسم الله الرحمن الرحيم قَالُوا سُبْحَانَكَ لا عِلْمَ لَنَا إلاَّ مَا عَلَّمْتَنَا إنَّكَ أَنتَ العَلِيمُ الحَكِيمُ صدق الله العظيم ( البقرة 32 )
Program Control Services – Overview
IT Development Initiative: Status and Next Steps
SAM GDPR Assessment <Insert partner logo here>
General Counsel and Chief Privacy Officer
Information Technology Policy Institutional Data Policy
UConn NIST Compliance Project
Enterprise Risk Management (ERM) at Clayton State University
Enterprise Cybersecurity Upgrade Initiation Department of Information Technology Maria Sanchez, Acting State CIO November 13, 2018.
Leveraging Instructional Design Teams
Governance, Risk, and Compliance Systems in Higher Education
Risk Management: why and how to protect your health center
Understanding the current Public Sector landscape from an risk management point of view Applying the ethical responsibility to the Triple Bottom-line:
EDUCAUSE Security Professionals Conference 2018 Jason Pufahl, CISO
Vijay Rachamadugu and David Snyder September 7, 2006
GRC - A Strategic Approach
Change Tested or Implemented
(Insert Title of Project Here) Kickoff Meeting
Document CWG-FHR-10/8 4 September 2019 English only
Presentation transcript:

IT RISK MANAGEMENT ITS All Staff Meeting Jason Pufahl, CISO July 27, 2018

Current Program Risk Assessment Policy 2016 Developed Risk Assessment Questionnaire Reporting and Analysis

What’s Changed Redesigned questionnaire based off of NIST cybersecurity framework SimpleRISK: Governance Risk Management and Compliance Tool Track departmental risks Provide institutional insight Plan mitigations

What to Expect Mid August we will distribute link to the SimpleRISK questionnaire Complete questionnaire by October 1, 2018 Designed to be simple to complete 28 basic questions, expanded based on responses to contingency questions  Helpful links will provide contextual information as appropriate University policies and/or standards are referenced throughout ensuring accurate understanding

Security Visibility Assess the security controls across the organization Determine enterprise-level risks prioritize projects accordingly Create action plan

Thank You Questions? Jason Pufahl Chief Information Security Officer Information Technology Services Jason.Pufahl@uconn.edu

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Условия использования

© 2024 SlidePlayer.com. Inc. All rights reserved.