Information Security

Some of the goals identified under Information Security pertain to the development of the institutions risk management and security strategy:

• Establish security and risk management policies, plans and systems that guide the University community, minimize risks and protect the University’s assets from threats and loss
• Implement Administrative systems and business processes that utilize appropriate technologies to securely, efficiently and effectively deliver the highest level of service to the University
• Conduct ongoing technology planning process at all levels that foster continuous improvement by creating transparent processes, establish clear priorities, create measurable objectives, assess outcomes and inform the University community

Goals for the Information Security program are as follows:

• Develop, Approve, and Promote a Comprehensive Information Security Policies and Standards Suite
• Develop an effective risk management program and a disaster recovery process that contains both the definitions and the practical guidance necessary for assessing and mitigating risks identified within IT systems
• Design and implement an IT Security incident response program to ensure that the proper methods for handling IT Security incidents are followed and reported
• Develop and implement an ongoing university-wide security awareness and training program, to ensure that faculty, staff, and administrators understand their security responsibilities, USG and organizational policies, laws and regulations and how to properly use and protect the resources entrusted to them