CSU POLICY
Section: INFORMATION SECURITY POLICY
| Section 8000 Policies |
Policy Number: 8015.0
Policy Title: Organizing Information Security
Policy Effective Date: April 19, 2010
Last Revision Date:
(see revision history)
POLICY OBJECTIVE
The CSU Information Security policy provides guidance for defining the governance structure of CSU Information Security Programs.
POLICY STATEMENT
Each campus must develop, implement, and document the organizational structure that supports the campus’ information security program. The organizational structure must define the functions, relationships, responsibilities, and authorities of individuals or committees that support the campus information security program. The governance structure must be reviewed at least annually. Review of the campus organizational structure that support the information security program must be documented.
Each President (or President-designee) and the Assistant Vice Chancellor for Information Technology Services (or the Vice Chancellor’s designee) must appoint a campus information security officer (ISO). The Assistant Vice Chancellor for Information Technology Services (or the designee of the Chancellor) is responsible for the systemwide Information Security Management program and may organize the responsibilities as appropriate.
Benjamin F. Quillian
Executive Vice-Chancellor/Chief Financial Officer
Approved: April 19, 2010
APPLICABILITY AND AREAS OF RESPONSIBILITY
REVISION HISTORY
RESOURCES AND REFERENCE MATERIALS
Useful Guidelines:
Related Principles:
Sound Business Practices:
Laws, State Codes, Regulations and Mandates:
COGNIZANT OFFICE(S)
CO Manager:Mr. William Perry
Chief Information Security Officer
CSU Office of the Chancellor
wperry@calstate.edu
Subject Expert:
Mr. William Perry
Chief Information Security Officer
CSU Office of the Chancellor
wperry@calstate.edu
Affinity Group:
