The University of Memphis

Information Security Program



POLICIES

Issued:  October 6, 2016
Responsible Official:  Chief Information Officer
Responsible Office:  Information Technology Services

Policy Statement


Policy Statement

This policy applies to all information technology resources used to create, process, or store University data including, but not limited to, resources located on campus and cloud-based resources.This policy applies to all information technology resources used to create, process, or store University data including, but not limited to, resources located on campus and cloud-based resources.



Purpose


 

The purpose of this policy is to identify policies that form the Information Security Program and to identify roles and responsibilities regarding compliance with the Information Security Program.



Procedures


Roles and Responsibilities

The Chief Information Officer (CIO), or designee, is responsible for:

  • creating, maintaining, and monitoring compliance with information security policies;
  • periodically assessing the University infrastructure through appropriate means;
  • recommending and providing training opportunities regarding information security;
  • coordinating and collaborating with other University officials to ensure compliance with the Information Security Program;
  • providing reports to University officials regarding effectiveness of the Information Security Program.

 

Employees of the University, and contractors, are responsible for:

  • understanding these policies
  • conducting their job duties in accordance with these policies.

 

All other users of University information technology resources including, but not limited to, students, alumni, faculty emeriti, and other guests are responsible for:

  • understanding these policies

ensuring use of information technology resources are in compliance with these policies.



Links


Policy List

The Information Security Program includes the following University policies:

UM1535

Acceptable Use of Information Technology Resources

UM1713

Authorization for Use of Electronic Signatures

UM1691

Campus Data Security Policy

UM1337

Data Access

UM1762

Payment Card Industry (PCI) Compliance

UM1566

Security and Protection of Electronic Information Resources

UM1672

University Web Sites

 



Revision Dates


  UM1804 -- issued October 6, 2016


Subject Areas:

Academic Finance General Human Resources Information Technology Research Student Affairs
          XX