Seminar 01A - Building a Standards-Based Information Security Program Using ISO 27000

Designing and maintaining a comprehensive, robust, and cost-effective information security program represents an ongoing challenge for many institutions. Get a detailed overview of the EDUCAUSE Information Security Guide developed by HEISC, participate in engaging discussions, and obtain guidance in using the ISO 27000 standards to assist you with solving myriad challenges. The guide, designed around ISO 27002 topics and objectives, offers toolkits, effective practices, and information on key areas of interest, such as tackling compliance (PCI, HIPAA, FERPA, etc.), protecting data and privacy, developing information security policies and procedures, managing risk and vulnerability, establishing business continuity practices, and handling incidents. Discover how tried-and-true information security standards, such as ISO 27000, can be used in tandem with this guide to greatly assist you in developing and improving your information security programs and data protection initiatives. CISOs, CIOs, and anyone charged with developing information security program initiatives will benefit from attending.