IT Security Administration
The Assistant Vice President of IT (AVP-IT) is the University official responsible for developing and maintaining a University-wide information security program and has the following responsibilities for system security planning:
- Designates an Information Security Officer (ISO) who shall carry out the responsibilities for system security planning.
- Approves system security plans.
- Ensures that personnel with significant responsibilities for system security plans are trained.
Information Security Officer
The Information Security Officer (ISO) is the University official assigned responsibility by the AVP-IT for ensuring that the appropriate operational security posture is maintained for an information system or program. The information system security officer has the following responsibilities related to system security plans:
- Carries out the AVP-IT’s responsibilities for system security planning.
- Plays an active role in the development, review, maintenance, and acceptance of system security plans with information system administrators, application administrators, and the AVP-IT.
- Plays an active role in the identification, implementation, and assessment of the common security controls.
- Updates the system security plan whenever a significant change occurs.
- Possesses professional qualifications, including training and experience, required to develop and review system security.
IT Security Planning Team
The IT Security Planning Team is comprised of University officials assigned responsibility by the AVP-IT to develop, review, maintain and accept IT Security policies, plans, guidelines, and roadmaps. The team consists of members from various IT departments and related leadership roles such as VP Finance and Administration, Assistant VP of IT, Information Security Officer, Manager of Technical Services, Manager of Computer Systems, PC Application Specialist, and a representative of the University Faculty for Cybersecurity.