Joint Information Systems Committee Supporting Higher and Further Education Information Security: Policy and Culture Introduction and Background Annette.

Slides:



Advertisements
Similar presentations
IMPROVING ACCESS TO ACADEMIC CONTENT : JISC working for UK teaching and research Frederick J. Friend OSI Open Access Advocate JISC Consultant Honorary.
Advertisements

Joint Information Systems Committee Supporting Further and Higher Education Making Learning Effective – MLE? New Environments for Learning Tuesday 19 March.
Issues of collaborating in a Shibboleth FE/HE trust environment Graham Mason KC-ROLO.
Joint Information Systems Committee Supporting Further and Higher Education JISC MLE Development Programme Building MLEs in HE Building MLEs in FE (Interoperability.
Supporting further and higher education Information Literacy in Practice An introduction to some useful subject based resources SPRIG Seminar 2003 Information.
Joint Information Systems Committee Supporting Higher and Further Education Portals and the JISC Information Environment Strategy Chris Awre Programme.
Shibbolising UK Census and ESDS services Lucy Bell Associate Director, Head of Information Systems and Preservation, UKDA 26 May 2005.
BUFDG Conference 2003 The Pricing Agenda Professor David Westbury Chair, Joint Costing and Pricing Steering Group.
Collection-level description & collection management: tool for the trade or information trade-off? Collection Description Focus Workshop 4 Newcastle, 8.
A centre of expertise in digital information managementwww.ukoln.ac.uk Approaches To E-Learning: Developing An E-Learning Strategy Brian Kelly UKOLN University.
A centre of expertise in digital information management Developing a Quality Culture For Digital Library Programmes Author & Presenter Brian Kelly UKOLN.
Publishing An e-Journal Brian Kelly UK Web Focus UKOLN University of Bath UKOLN is funded by Resource: The Council for Museums, Archives.
UKOLN is supported by: Put functionality Augmenting interoperability across scholarly repositories 20/21 April 2006 Rachel Heery, UKOLN, University of.
Collection-level description & the Information Landscape: users evaluate strategies for resource discovery Collection Description Focus Workshop 5 Cambridge,
1 ROADS to ATHENS Manjula Patel UKOLN University of Bath Bath, BA2 7AY UKOLN is funded by the British Library Research and Innovation.
Personal Development Plans: setting the scene The one-stop shop for the HE Progress File
HE in FE: The Higher Education Academy and its Subject Centres Ian Lindsay Academic Advisor HE in FE.
Smarter Information Management Presenter: Dianne Macaskill Chief Executive Archives New Zealand.
Post-Implementation Organization & Support Loren Blinde Director, Administrative Systems Group.
Learning Development: for students and for staff Teaching and Learning Directorate Awayday 9 th April, 2010.
Joint Information Systems Committee 25/08/2014 | slide 1 JISC Core Middleware Programme Meeting Middleware in Development Joint Information Systems CommitteeSupporting.
Member Training ALARM South East - November 2007 Abigail Simpson and Bob Ellison.
USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.
Supporting Further and Higher Education Linking Digital Libraries and Virtual Learning Environments Paul Bailey Programme Manager, JISC Development Group.
How to effectively evaluate
Multiple choice test From each of the following questions try to identify the appropriate JISC Service.
Roger Southgate Past President of ISACA London Chapter Member of the BSI Committees for Service Management and IT Governance Leader.
Office of Inspector General (OIG) Internal Audit
Measuring the effectiveness of government IT systems Current ANAO initiatives to enhance IT Audit integration and support in delivering Audit outcomes.
Tan Jenny 23 September 2009 SESSION 4: Understanding Your IT Control Environment & Its Readiness.
Giandonato CAGGIANO ENISA MANAGEMENT BOARD REPRESENTATIVE LEGAL ADVISER ON EUROPEAN AFFAIRS OF THE MINISTRY OF COMMUNICATIONS U. OF ROMA TRE LAW FACULTY.
Supporting further and higher education AA(A) – What does it mean to the service provider? Alan Robiette, JISC Development Group.
Slide 1 The 9 th European Financial Markets Convention “Towards true integration by 2009” Brussels May 2005 Corporate Governance Session by the ECGI.
Introduction In 1992, the Committee Of Sponsoring Organizations of the Treadway Commission (COSO) published Internal Control-Integrated Framework (1992.
A methodological approach to national road safety policies Richard ALLSOP and Maurizio TIRA ETSC Best in Europe Conference 2006 eSafety that matters Learning.
Supporting further and higher education UK Middleware Update TF-EMC2 Meeting, 4 November 2004 Alan Robiette, JISC Development Group.
Outline Customers Constraints Reviews Improvements Response to Focus Group Feedback How can we work together? Flexible Work Schedules.
Introduction to the CALD Aged Care Strategy Bruce Shaw Senior Policy Officer, Aged Care Federation of Ethnic Communities’ Councils of Australia (FECCA)
Leeds University Library Implementing an information literacy audit in the School of Healthcare, Leeds University Alison Lahlafi, Faculty Team Librarian.
INFORMATION TECHNOLOGY IN A GLOBAL SOCIETY
Integrated Safety & Risk Management for Helicopter Operations Kimberley Turner Chief Executive Officer Aerosafe Risk Management.
Managing a Small Audit Office: The Office of Inspector General at the SEC ( )
Supporting education and research Security and Authentication for the Grid Alan Robiette, JISC Development Group.
Improving the recognition system Prof. Andrejs Rauhvargers President, Lisbon Convention Committee.
Embedding Mobile Learning A view of ALPS and other projects Peter Bird Doctoral Researcher Manchester Metropolitan University
Process Quality in ONS Rachel Skentelbery, Rachael Viles & Sarah Green
Post-Implementation Organization & Support Kashif Shamim BS(CS),MSC(MDCN)
The UK Access Management Federation John Chapman Project Adviser – Becta.
ICP 8 – Risk Management and Internal Controls Ekrem Sarper Vice Chair, Implementation Committee San Jose, Costa Rica.
Practitioner Research in Further Education Creating a culture and building networks Nigel Ecclesfield, Emma Procter-Legg and Ellen Lessner.
A centre of expertise in digital information managementwww.ukoln.ac.uk A Standards Framework For Digital Library Development Programmes Brian Kelly UK.
A centre of expertise in digital information management UKOLN priorities: ●Provide advice and services to the library, education.
Supporting education and research Introduction to JISC JISC Name Role.
Security Policy Update WLCG GDB CERN, 14 May 2008 David Kelsey STFC/RAL
A centre of expertise in digital information management UKOLN is supported by: The JISC PoWR Project Preserving Web 1.0.
The Power of Recommendations Dainius Jakimavičius National Audit Office of Lithuania Vilnius, April 23, 2013.
Page 1 Professional Skepticism Prof. Annette Köhler, IAASB Member and Working Group Chair IAASB CAG Meeting September 15, 2015.
Internal Audit Section. Authorized in Section , Florida Statutes Section , Florida Statutes (F.S.), authorizes the Inspector General to review.
Governance, Risk and Ethics. 2 Section A: Governance and responsibility Section B: Internal control and review Section C: Identifying and assessing risk.
Government Internal Audit Career
Jisc Open Access Dashboard
C. What is a Feasibility report
The KSF is just the beginning …
OFFICE OF THE PUBLIC SERVICE COMMISSION
The thing I'd like to know about CRM Architecture is…..
Education and Training Statistics Working Group Meeting of 17 November 2010 Item 5 – Further actions Eurostat in regard to the follow up of the feasibility.
Item 5.6 of the Agenda Remote access to confidential data for scientific purpose Jean-Marc Museux/ Aleksandra Bujnowska - Unit B2 Methodology and research.
Plan your journey.
Nadine Cormier Director, Performance Audit Methodology
OU BATTLECARD: Oracle Identity Management Training
Presentation transcript:

Joint Information Systems Committee Supporting Higher and Further Education Information Security: Policy and Culture Introduction and Background Annette Haworth ex-Chair of ex-JCAS Director of Information Services,The University of Reading

Joint Information Systems Committee Supporting Higher and Further Education Background – JCAS - Issues Security is about confidentiality authenticity integrity of information Is HE/FE special? – in general, no but – large number peripatetic users/shared PCs/ across public networks/home-working etc – possible odd deals eg ILL, JISC-services...

Joint Information Systems Committee Supporting Higher and Further Education Background – JCAS - What do we know? Many H/FEIs not got/afford enough technical/managerial expertise What definitely needs doing? – Longterm future of JISC-services and related authentication/authorisation service (aka - what do we do about Athens?) – broadening of concept to help sites

Joint Information Systems Committee Supporting Higher and Further Education Background What did we end up doing? Well, yes, we did have the JISC-service related problems to solve But the real problems institutions face are far broader they are Technical - solutions are not without their complexities, but if there is one & youve got the money/expertise, you can use it - QED But what solution do you need - institutional aims, cultural and legal environments. Definitely not QED

Joint Information Systems Committee Supporting Higher and Further Education Background JISC's Work on Security Policy and Planning 1999Pilot study of the BS7799 methodology 2000Evaluation of BS7799 project -Policy advice to HEIs and FECs -Senior Management Briefing Paper 2001Study of user attitudes to security

Joint Information Systems Committee Supporting Higher and Further Education An Anecdote or How the JISC helped me to survive (so far) Take this Contemplate it in your own environment Survive!

Joint Information Systems Committee Supporting Higher and Further Education …….but why Reading is still working on an information security policy? This is not a one-person job on the side and its not my survival that matters – its the institution What is it aiming to achieve, how can a security policy help/hinder? What is a policy? What is the policy? Who owns it? How is it updated? Is it embedded in the culture? Embedded in other policies? A separate tick-box get-you- through-the-audit item? Have we done the right risk analysis? e.g. perfect security cd. stop our academics doing something valuable

Joint Information Systems Committee Supporting Higher and Further Education Introduction Messages for the Day (1) Policy is vital -Needed to establish responsibilities -Needed as a guide when action is required -Needed as an indication of good practice [legal compliance, auditors, ecommerce etc]

Joint Information Systems Committee Supporting Higher and Further Education Introduction Messages for the Day (2) BS7799/ISO17799 is a feasible approach to use -but hard work to implement in full -there are alternatives which may suit you better [e.g. the German Federal Govt handbook] More important to get a workable policy in place than to get hung up on any one methodology!!

Joint Information Systems Committee Supporting Higher and Further Education Introduction - This session Information security policy: what should it aim to achieve? Towards an institution-wide security policy Security: a matter of user perception

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.