The primary goal of the College's Information Security program is to protect the information assets supporting the College's primary business functions. The program is aligned with the ISO/IEC Information Security Standard (ISO 27002:2005) and has the following objectives:
- Identify, assess, and treat information security risks.
- Develop and communicate information security policies, standards, and guidelines.
- Promote an effective information security awareness and training program commensurate with the needs of the College.
- Secure the College's information assets including hardware, software, data, and infrastructure.
- Provide identity management services for the College's information systems.
- Maintain an IT disaster recovery plan that meets the recovery time objectives set forth in the College COOPs.
- Manage and respond effectively to information security incidents.
Support College compliance efforts related to IT and Information Security.
Information Security is Everyone's Responsibility!