Information Computing and Technology Services
ITCS Policies and Guidelines

Information Technology Security

History: March 15, 2011
Supersedes Policy Dated:

Effective Date:

Review Date:

Related Policies:
Contact for Information:
Director, IT Security 252.328.9187

1. IT Security Mission

The mission of Information Technology Security (IT Security) is to develop, oversee, evaluate and support policies, standards, procedures and programs to enhance and maintain a secure digital environment that safeguards the university's information resources. In pursuit of this mission, IT Security manages a security program that is comprehensive in scope but also flexible enough to respond to the ever-changing needs of information security.

2. IT Security Program Elements

2.1. User Education and Awareness

An Education and Awareness Program helps safeguard the University's information and information systems by promoting awareness and adoption of good security practices. These practices are presented in the form of university security policies, guidelines and procedures, training sessions and seminars, responsible computing brochures and other publications, user agreement forms and computer-based training.

2.2. Policy Development

IT Security develops security policies for ITCS and for the university that identify acceptable standards of use of our information resources. These policies are living documents, which require periodic reassessment to ensure that they meet the needs of the university. IT Security assists the university in complying with policies and procedures.

2.3. Incident Response

IT Security is responsible for managing the ITCS response to information security incidents. IT Security coordinates with university management to establish and maintain an information security incident response program. IT Security coordinates the incident response team during an information security incident. IT Security coordinates the activities of the incident response team with internal (legal, audit, etc.) and external groups (law enforcement, vendors, etc.). IT Security is responsible for documenting lessons learned from information security incidents to improve incident management procedures.

2.4. Risk Management

IT Security advises ITCS senior management in the establishment of a university IT risk management program based upon the university's goals and objectives. IT Security assists ITCS senior management in the development of a comprehensive risk management process to identify, assess and mitigate risks to the university's information assets.

2.5. User Account Management

IT Security is responsible for the creation, modification, and revocation of enterprise user accounts for the university. IT Security ensures the university applies industry best practices in the management of the university's user accounts.

2.6. Regulatory and Standards Compliance

IT Security is responsible for the application of the principles, policies and procedures that enable the university to meet applicable information security laws, regulations, standards and policies to satisfy statutory requirements, perform industry best practices and achieve the university's information security program goals. IT Security audits the university for regulatory and standards compliance and reports its performance in this area.

Contact Us

ITCS Admin - 252.328.9000
IT Help Desk - 252.328.9866
IT Help Desk - 800.340.7081
Classroom Tech - 252.328.9830
ITCS Leadership - 252.328.9000

Need Help?