CSU POLICY
Section: INFORMATION SECURITY POLICY
| Section 8000 Policies |
Policy Number: 8070.0
Policy Title: Information Systems Acquisition, Development and Maintenance
Policy Effective Date: April 19, 2010
Last Revision Date:
(see revision history)
POLICY OBJECTIVE
The CSU Information Security policy provides direction and support for managing the acquisition, development and maintenance of CSU information systems.
POLICY STATEMENT
Campuses must integrate information security requirements into the software life cycle of information systems that contain protected data. The security requirements must identify controls that are needed to ensure confidentiality, integrity, and availability. These controls must be appropriate, cost-effective, and mitigate risks that may result from unauthorized access, use, disclosure, disruption, modification, or destruction of the protected data.
Benjamin F. Quillian
Executive Vice-Chancellor/Chief Financial Officer
Approved: April 19, 2010
APPLICABILITY AND AREAS OF RESPONSIBILITY
REVISION HISTORY
RESOURCES AND REFERENCE MATERIALS
Useful Guidelines:
Related Principles:
Sound Business Practices:
Laws, State Codes, Regulations and Mandates:
COGNIZANT OFFICE(S)
CO Manager:Mr. William Perry
Chief Information Security Officer
CSU Office of the Chancellor
wperry@calstate.edu
Mr. William Perry
Chief Information Security Officer
CSU Office of the Chancellor
wperry@calstate.edu
