[unisog] GBLA policy examples

Christopher Cramer chris.cramer at duke.edu
Wed Jul 16 20:25:42 GMT 2003


there are a handful of samples from different Universities at:

http://www.nacubo.org/business_operations/safeguarding_compliance/

Since the policies don't have to be submitted anywhere for approval,
there doesn't seem to be much concern for a standard form.  So the above
samples come in a range from the all-inclusive, policy/procedure
document to ones that seem to be broad policy needing supporting
procedures documented separately.

In general, how are folks handling Grahm-Leach-Bliley?  Is it being
dumped directly on to security folks or is it being handled as a larger
issue with support and advice from security?  The second is my
preference, but a couple of other groups (who might end up with
responsibility) have been trying to make it an IT Security issue only.

Thanks
-Chris

--
Christopher E. Cramer, Ph.D.
University Information Technology Security Officer
Duke University,  Office of Information Technology
253A North Building, Box 90132, Durham, NC  27708-0291
PH: 919-660-7003  FAX: 919-660-7076  CELL: 919-210-0528
PGP Public Key: http://www.duke.edu/~cramer/cramer.pgp


On Wed, 2003-07-16 at 13:39, Phillip G Deneault wrote:
> Does anyone have any good examples for policies that fulfill the 
> Gramm-Leach-Bliley Act?  I understand what I need to put in but not the 
> format.
> 
> We've missed the deadline to have submitted our policies and now its on my
> desk.  Woo.
> 
> Thanks
> Phil
> 
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Phil Deneault     "We work in the dark, We do what we can,
> deneault at wpi.edu   We give what we have. Our doubt is our passion,
> WPI NetOps         and our passion is our task. The rest is the
> InfoSec            madness of art." - Henry James
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/unisog/attachments/20030716/46e0ef20/attachment-0003.bin


More information about the unisog mailing list