Security at W&M

The primary goal of the College's Information Security program is to protect the information assets supporting the College's primary business functions.  The program is aligned with the ISO/IEC Information Security Standard (ISO 27002:2005) and has the following objectives:

1. Identify, assess, and treat information security risks.
2. Develop and communicate information security policies, standards, and guidelines.
3. Promote an effective information security awareness and training program commensurate with the needs of the College.
4. Secure the College's information assets including hardware, software, data, and infrastructure.
5. Provide identity management services for the College's information systems.
6. Maintain an IT disaster recovery plan that meets the recovery time objectives set forth in the College COOPs.
7. Manage and respond effectively to information security incidents.

8. Support College compliance efforts related to IT and Information Security.

Information Security is Everyone's Responsibility!