[Global_industry_committee] CISO survey 2013 - status update - ready to go

Tobias tobias.gondrom at owasp.org
Thu Nov 15 17:11:37 UTC 2012

On 16/11/12 01:07, Eoin wrote:
> Finally the CISO survey is going live. (1.5 years after initial draft) :)
> I shall contact the industry ciso people I know. Do we have a template 
> email which is consistent so we can all use?

Not yet.
Do you want to prepare one?
(Am a little busy this week and should be able to make some time end of 
next week to write an email template etc., but you might be faster.)


> Great job!!
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
> On 15 Nov 2012, at 16:46, marco.m.morana at gmail.com 
> <mailto:marco.m.morana at gmail.com> wrote:
>> Tobias, thanks for the effort, will coordinate with Jasmine @ NYC 
>> chapter and Tony @ Atlanta chapter to publicize the link with the 
>> survey as well as distribute a printed copy i created so we can start 
>> gathering responses from people attending the NYC meeting today and 
>> the CISO round table breakfast in Atlanta tomorrow.
>> Regards
>> Marco
>> Sent from my iPad
>> On 15 Nov 2012, at 11:06, Tobias <tobias.gondrom at owasp.org 
>> <mailto:tobias.gondrom at owasp.org>> wrote:
>>> Hello dear GIC fellows,
>>> a little status update on the CISO survey:
>>> thank you all so much for your feedback and input!
>>> I just finished to include all your feedback into the CISO survey 
>>> questionnaire. Unfortunately it took a little longer, but I hope a 
>>> total time of 4 weeks that we have been working on this should still 
>>> be acceptable. Unfortunately this delay may make it difficult for 
>>> Marco to push out the survey right away with his CISO guide 
>>> presentation tonight in NYC. (my apologies).
>>> https://www.owasp.org/index.php/Industry:GIC_CISO_Survey_2013
>>> Next steps are:
>>> 1. Kate was so kind to agree to put the questions into Surveymonkey
>>> 2. Sending out Survey:
>>> 2.1. I have latent agreements (which I still have to work on to 
>>> finalise and coordinate with you and our board) with EC-Council and 
>>> ISC2 to send this to their CCISO (EC-Council) lists and to the list 
>>> of Info Sec Managers at ISC2 members. When we have the survey in 
>>> surveymonkey I will follow up with both organisations and they can 
>>> send out the link to the survey to their user database.)
>>> 2.2. Beyond that I propose that each one of us will also send the 
>>> link to our contacts directly.
>>> 3. Treat participant email addresses confidential:
>>> Please note that there is an optional email field in the survey for 
>>> people who want to later receive the finished report via email. This 
>>> list of CISO emails, we should treat as confidential and 
>>> need-to-know only and remove from the normal survey data before 
>>> evaluating the data by the whole team and only use the addresses to 
>>> send the finished report to the people afterwards. I could imagine 
>>> that some organizations or companies might seek this kind of 
>>> information quite a lot, so we should be handling it with due care 
>>> and protecting it against disclosure or abuse.
>>> Just MHO.
>>> Best regards, Tobias

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/global_industry_committee/attachments/20121116/3ab8895d/attachment-0001.html>

More information about the Global_industry_committee mailing list