UC Information Technology Leadership Council (ITLC)

Meeting, March 11, 2008

UC Davis

8:30 a.m. Room open and continental breakfast available

9:00 a.m. Policy Group Report from March 10th Meeting at UC Davis (Policy group meets at UC Davis, 2pm, March 10, 23820 Chiles Road, Room 215)

9:20 a.m. e-Discovery Update - Cynthia Vroom

9:45 a.m. UCITPS Process and Work Plans - Bob Ono

What is the review process for UCITPS prepared position documents or recommendations to the ITLC on security threats/vulnerabilities/issues? (Example - Security assessment program)

Should the steering group possess a role beyond the establishment of meeting agendas?

10:25 a.m. Break

10:45 a.m. Confidentiality of Security-Related Information - Amy Blum, Ross Bollens and Kent Wada (Amy will participate via conference phone)

What types of security information do/should we consider confidential?

What practices do/should we use to maintain confidentiality in sharing, posting or discussing such information?

11:30 a.m. UCSIRC Report - Bob Ono

Summary from UCI and UCD meetings, including work tasks

11:45 a.m. Lunch

12:45 p.m. OPTION: Demonstration of Updated UC Davis Secalert System (Automated system supporting email security alerts and security alert database queries)

1:00 p.m. System-wide Security Assessment - Jon Good/Karl Heins

Initial feedback: Did initial reports meet UCOP objectives?

Who will be analyzing the assessments?

Will a copy of the analysis be shared with UCITPS before release?

Lessons learned, e.g., did the assessment permit comparisons and contrasts between individual campus security programs?

Future enhancements to the assessment program and UCITPS role

Other post-security assessment program questions that have been raised by campus representatives

Campus/UC system response to assessment

2:25 p.m. AB1298 and Medical and Health Information - Gabe Lawrence and Patrick Nehls

What methods/tools are campuses using to inspect systems for health and medical information?

2:45 p.m. CPG Report: Network Management Practices Relating to Illegal File-sharing - David Walker

3:00 p.m. Proposal for Coordinating Security Operations across UC Campuses - Michael Green

3:25 p.m. Next Meeting Location and Host

3:30 p.m. Meeting Adjourns

8:30 a.m.	Room open and continental breakfast available
9:00 a.m.	Policy Group Report from March 10th Meeting at UC Davis (Policy group meets at UC Davis, 2pm, March 10, 23820 Chiles Road, Room 215)
9:20 a.m.	e-Discovery Update - Cynthia Vroom
9:45 a.m.	UCITPS Process and Work Plans - Bob Ono What is the review process for UCITPS prepared position documents or recommendations to the ITLC on security threats/vulnerabilities/issues? (Example - Security assessment program) Should the steering group possess a role beyond the establishment of meeting agendas?
10:25 a.m.	Break
10:45 a.m.	Confidentiality of Security-Related Information - Amy Blum, Ross Bollens and Kent Wada (Amy will participate via conference phone) What types of security information do/should we consider confidential? What practices do/should we use to maintain confidentiality in sharing, posting or discussing such information?
11:30 a.m.	UCSIRC Report - Bob Ono Summary from UCI and UCD meetings, including work tasks
11:45 a.m.	Lunch
12:45 p.m.	OPTION: Demonstration of Updated UC Davis Secalert System (Automated system supporting email security alerts and security alert database queries)
1:00 p.m.	System-wide Security Assessment - Jon Good/Karl Heins Initial feedback: Did initial reports meet UCOP objectives? Who will be analyzing the assessments? Will a copy of the analysis be shared with UCITPS before release? Lessons learned, e.g., did the assessment permit comparisons and contrasts between individual campus security programs? Future enhancements to the assessment program and UCITPS role Other post-security assessment program questions that have been raised by campus representatives Campus/UC system response to assessment
2:25 p.m.	AB1298 and Medical and Health Information - Gabe Lawrence and Patrick Nehls What methods/tools are campuses using to inspect systems for health and medical information?
2:45 p.m.	CPG Report: Network Management Practices Relating to Illegal File-sharing - David Walker
3:00 p.m.	Proposal for Coordinating Security Operations across UC Campuses - Michael Green
3:25 p.m.	Next Meeting Location and Host
3:30 p.m.	Meeting Adjourns