Information Security

Information Security refers to policies and practices intended to protect information and systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.

Following University Management Procedure 300,  ITS houses the Chief Information Security Officer (CISO).  The CISO is a University resource for best practices in information security. Dedicated to assuring the confidentiality, integrity and availability of the University's information assets, this office works with the Internal Control Officer, Office of University Counsel, Internal Audit and supports the institution's Internal Controls initiative.

The CISO has overall responsibility for ensuring the implementation, enhancement, monitoring and enforcement of this program and provides direction and leadership  to ensure that appropriate safeguards are implemented, and to facilitate compliance with those policies, standards and processes.

The CISO is responsible for investigating all alleged information security incidents and violations. In this role, the ISO may refer the investigation to other investigatory entities, including law enforcement. The CISO will coordinate and oversee IT security program activities and reporting processes in support of this program and other IT security initiatives.

Additional policies and procedures of the University apply broadly to all systems and sensitive information on campus. They are as follows:

Related Documents

Last Updated: 8/4/16