Integrated California State University Administrative Manual

Policy Glossary A - C

A B C D E F G H I J K L M N O P Q R S T U V-Z

Anti-virus Software
Software that detects or prevents malicious software.

Application
A software program designed to perform a specific function for a user. Applications include, but are not limited to, word processors, database programs, development tools, image editing programs, and communication programs.

Authentication
The process of confirming that a known individual is correctly associated with a given electronic credential; for example, by use of passwords to confirm correct association with a user or account name (is a term that is also used to verify the identity of network nodes, programs, or messages).

Authorized
The process of determining whether or not an identified individual or class has been granted access rights to an information assets, determining what type of access is allowed; e.g., read-only, create, delete, and/or modify.

Availability
Ensuring that information assets are available and ready for use when they are needed.

Biometric Devices
An instrument intended to validate the identity of an individual through comparison of a demonstrated intrinsic physical or behavioral trait with a record of the same information previously captured.  Examples: fingerprint, retina scan, voice recognition.

Business Continuity Planning
See CSU BCP Executive Order.

Campus
For the purposes of the CSU Security Program, a “campus” is any CSU campus as defined in Section 89001 of the California Education Code to include satellite locations and the Chancellor’s Office.

Campus Limited Access Area
Physical area such as a human resources office, data center, or Network Operations Center (NOC) that has a defined security perimeter such as a card controlled entry door or a staffed reception desk.

Campus Managers
Responsible for (1) specifying and monitoring the integrity and security of information assets and the use of those assets within their areas of program responsibility and (2) ensuring that program staff and other users of the information asset are informed of and carry out information security and privacy responsibilities.

Catastrophic Event
An event that causes substantial harm or damage to significant CSU information assets. Examples: earthquake, fire, extended power outage, equipment failure, or a significant computer virus outbreak.

Computer Security Incident Response Team (CSIRT)
The name given to the team that handles security incidents.

Confidentiality
Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.  [44 U.S.C, SEC. 3542]

Control
Countermeasures (administrative, physical, and technical) used to manage risks.

Critical Asset
An asset that is so important to the campus that its loss or unavailability is unacceptable.

CSU Network
Any CSU administratively controlled communications network that is within the CSU managed physical space.  Such networks may interconnect with other networks or contain sub networks.

A B C D E F G H I J K L M N O P Q R S T U V-Z