Monthly Archives: August 2014

Comments welcome on new structure for the UCISA Information Security Toolkit

We would like to invite comment from the community on the revised structure and content of the UCISA Information Security Toolkit which was agreed by the project group at a meeting last month.

photo_cropped1

The UCISA Information Security Toolkit  has been very successful, providing much needed assistance to information security professionals across the sector. Since the original funding application for the project in 2004, there have been a number of iterations of the document,  based upon changing standards and sector wide activity.  The last Toolkit was published in 2007 (third edition).

A number of factors have prompted a rewrite and expansion of the document: cloud technologies, PCI DSS, data classification and supportive practical advice in the form of appropriate feedback cycles (for example Plan/Do/Check/Act). The largest factor was the release of the BS ISO/IEC 27001:2013 standard in the autumn of last year.

The group comprising of colleagues from University College London, University of Oxford, Loughborough University, Cardiff University, the University of York and Janet have met regularly in person and via Skype in order to generate new content.   The revised Toolkit will include a number of practical case studies demonstrating what works and does not work in practice. Topics include: policy development;  raising user awareness;  investigations and research security.

The new Toolkit will be launched in March 2015 to coincide with  UCISA 2015, Edinburgh and Janet Networkshop43,  Exeter.

Matt Cook, Chair, UCISA Networking Group
Head of Infrastructure and Middleware,
Loughborough University, IT Services