AboutAcademicsAdmissionsAlumni and FriendsAthleticsCampus Life
Home >
Strategic Plan > Objectives > Objective 8.3
page tools :

Objective 8.3

Enhance security and mitigate risks in all operational activities.


 

Reference to Previous Strategic Plans:

ExCom Member:

CAO, CFO, CIO, & CHRO

Assessment Tool:

Complete annual risk assessments for each department on campus [New] and report findings to campus and ConnSCU. Conduct annual surveys to measure levels of security compliance. Track “data breach incidents” and report annually. Complete and assess BOR “Information Security Risk Assessment” annual evaluation.

 

Baseline:

Risk assessment templates completed for Board of Regents in summer 2012.

Goal:

100% compliance

Progress:

Completed first “Information Security Risk Assessment,” Sept. 1, 2012. Developing plans to complete baseline risk assessment tool by June 30, 2013 (report available Aug 31).

 

Enabling Activities:

  • Create a BCP (Business Coordinating Planning) team to oversee the development of a baseline Business Continuity Plan (BCP) that would be updated at least annually.

  • The BCP Team will develop goals, objectives, and timeframes for implementation of the business continuity plan.

  • The BCP Team will work with and enable individual units assess and mitigate risk and will update the “risk assessment documentation” requested annually by the Board of Regents.

  • Establish roles for newly created Data Stewards and Data Custodians Review and disseminate “Records Retention” policy and monitor compliance.

  • Develop an “Information Security Strategy” for CCSU that is consistent with CSU’s “Information Technology Security Policy” (BR#06-10 and BR#06-9) including the implementation of “CSUS Information Security Standards.”

  • Enhance website, distribute “best practices,” and increase communication to improve awareness of the importance of information security.

  • Provide training for staff to enable them to identify and secure Personal Identifiable Information (Class A- Restricted) and develop appropriate safeguards for all sensitive data (Class B- Private).

  • Work with related groups (e.g. ConnSCU System Office and auditors) to conduct annual security assessments of procedures and compliance.

BACK TO GOALS & OBJECTIVES


© 2013 CENTRAL CONNECTICUT STATE UNIVERSITY  CONTACT US   SITE MAP      WEBMASTER      DIRECTIONS   CAMPUS ACCESSIBILITY
email page print page small type large type large type
powered by finalsite