(1)The College at Brockport Information Security Policy
Dr. John Halstead, on March 6, 2008 endorsed the following policy authorizing the Program:
The Information Security Program at The College at Brockport is an essential management function helping to ensure the confidentiality, integrity, and availability of sensitive information we formally own or control. The Program protects against reasonably anticipated threats and hazards to the security and integrity of such information, especially those that are prohibited by law and regulation. The Program helps all members of our community, especially our workforce, understand and effectively handle their responsibility for sensitive information. Chief forms of such responsibility are:
Individual Responsibility: Each person having access to information owned and deemed sensitive by authorities of SUNY is individually responsible for handling such information in accordance with policy and procedures established by SUNY authorities.
Supervisory Responsibility: In addition, each person having supervisory responsibility for people with authorized access to information owned and deemed sensitive by authorities of SUNY is individually responsible for implementing procedures for appropriate handling of such information in accordance with policy and procedures established by SUNY authorities
Institutional Responsibility: The College maintains an effective, comprehensive Information Security Program with assigned individual responsibility, for securing information owned and deemed sensitive by authorities of SUNY in accordance with applicable laws, regulations, policies, and standards of practice established by SUNY authorities. The College Information Security Oversight Committee and Chief Information Officer shall oversee the College’s Information Security Program.
Return to Other Policies and Procedures