Presentation is loading. Please wait.

Presentation is loading. Please wait.

IT RISK MANAGEMENT ITS All Staff Meeting Jason Pufahl, CISO

Published byScarlett Moore Modified over 6 years ago

Similar presentations

Presentation on theme: "IT RISK MANAGEMENT ITS All Staff Meeting Jason Pufahl, CISO"— Presentation transcript:

1 IT RISK MANAGEMENT ITS All Staff Meeting Jason Pufahl, CISO
July 27, 2018

2 Current Program Risk Assessment Policy
2016 Developed Risk Assessment Questionnaire Reporting and Analysis

3 What’s Changed Redesigned questionnaire based off of NIST cybersecurity framework SimpleRISK: Governance Risk Management and Compliance Tool Track departmental risks Provide institutional insight Plan mitigations

4 What to Expect Mid August we will distribute link to the SimpleRISK questionnaire Complete questionnaire by October 1, 2018 Designed to be simple to complete 28 basic questions, expanded based on responses to contingency questions  Helpful links will provide contextual information as appropriate University policies and/or standards are referenced throughout ensuring accurate understanding

5 Security Visibility Assess the security controls across the organization Determine enterprise-level risks prioritize projects accordingly Create action plan

6 Thank You Questions? Jason Pufahl Chief Information Security Officer
Information Technology Services

Download ppt "IT RISK MANAGEMENT ITS All Staff Meeting Jason Pufahl, CISO"

Similar presentations

Tenace FRAMEWORK and NIST Cybersecurity Framework Block IDENTIFY.

Tenace FRAMEWORK and NIST Cybersecurity Framework Block IDENTIFY.
Institutional Insurance: Creating a Comprehensive Campus-wide IT Security Risk Management Program Brian Davis IT Security & Policy Office of Information.

Institutional Insurance: Creating a Comprehensive Campus-wide IT Security Risk Management Program Brian Davis IT Security & Policy Office of Information.
NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.

NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholde r to insert your own image. Cybersecurity.
Litigation Holds: Don’t Live in Fear of Spoliation Jason CISO – University of Connecticut October 30, 2014 Information Security Office.

Litigation Holds: Don’t Live in Fear of Spoliation Jason CISO – University of Connecticut October 30, 2014 Information Security Office.
Bill McClanahan – Principal Business Consultant LPS Integration.

Bill McClanahan – Principal Business Consultant LPS Integration.
(Insert Title of Project Here) Kickoff Meeting (Month Date, Year)

(Insert Title of Project Here) Kickoff Meeting (Month Date, Year)
NIH Security, FISMA and EPLC Lots of Updates! Where do we start? Kay Coupe NIH FISMA Program Coordinator Office of the Chief Information Officer Project.

NIH Security, FISMA and EPLC Lots of Updates! Where do we start? Kay Coupe NIH FISMA Program Coordinator Office of the Chief Information Officer Project.
BNSF Ethics and Compliance Program Roger Nober Executive Vice President Law and Secretary July 13, 2011.

BNSF Ethics and Compliance Program Roger Nober Executive Vice President Law and Secretary July 13, 2011.
Presented By: Thelma Ameyaw Security Management TEL2813 4/18/2008Thelma Ameyaw TEL2813.

Presented By: Thelma Ameyaw Security Management TEL2813 4/18/2008Thelma Ameyaw TEL2813.
August 9, 2005 UCCSC -- 2005 IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.

August 9, 2005 UCCSC IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.
Risk Management at ANZ Banking Group Jun 18, 2008 Patrick Zhu Head of Retail Risk China Partnerships.

Risk Management at ANZ Banking Group Jun 18, 2008 Patrick Zhu Head of Retail Risk China Partnerships.
ECM Base Compliance Input Messaging & Alert Compliance dashboard Compliance Monitoring Internal & External Audit Tracking Access Control Compliance & Financial.

ECM Base Compliance Input Messaging & Alert Compliance dashboard Compliance Monitoring Internal & External Audit Tracking Access Control Compliance & Financial.
Information Security for the Data Management Professional Micheline Casey Chief Data Officer Federal Reserve Board.

Information Security for the Data Management Professional Micheline Casey Chief Data Officer Federal Reserve Board.
The Here and Now of Higher Ed IT Governance, Risk, and Compliance Efforts Jacqueline Bichsel, PhD Senior Research Analyst EDUCAUSE AIRI, May 8, 2014.

The Here and Now of Higher Ed IT Governance, Risk, and Compliance Efforts Jacqueline Bichsel, PhD Senior Research Analyst EDUCAUSE AIRI, May 8, 2014.
Departmental Risk Assessment Coordinators (DRAC) Program CUVA Conference May 23, 2012 Mason Inn George Mason University Robert Nakles and Josh Schiefer.

Departmental Risk Assessment Coordinators (DRAC) Program CUVA Conference May 23, 2012 Mason Inn George Mason University Robert Nakles and Josh Schiefer.
Copyright © 2011 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Chapter 6 6-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
FHWA Reorganization Update Program Performance Management Standing Committee on Performance Management Meeting Detroit, MI October 14, 2011 Peter Stephanos.

FHWA Reorganization Update Program Performance Management Standing Committee on Performance Management Meeting Detroit, MI October 14, 2011 Peter Stephanos.
Donald Rosen and Cindy Smolovik National Archives and Records Administration Office of the Chief Records Officer BRIDG Meeting August 21, 2013 Managing.

Donald Rosen and Cindy Smolovik National Archives and Records Administration Office of the Chief Records Officer BRIDG Meeting August 21, 2013 Managing.
Homeland Security UNCLASSIFIED United States Coast Guard Office of Port and Facility Compliance (CG-FAC) Cyber Security and the Marine Transportation System.

Homeland Security UNCLASSIFIED United States Coast Guard Office of Port and Facility Compliance (CG-FAC) Cyber Security and the Marine Transportation System.

Similar presentations

Ads by Google