Information Security Advisory Group
1. Purpose and Authority
The purpose of the Information Security Advisory Group (ISAG) is to regularly review any data and systems security-related incidents, threats, trends, and/or recommendations escalated by the Information Technology (IT) Security Officer and make recommendations to address these. The ISAG will work with the IT Security Officer and appropriate university offices to implement these recommendations and, through the CIO, will report any compliance-related issues to the Vice President for Finance and Operations.
2. Objectives and Scope of Activity
The ISAG will make recommendations to address specific information security incidents, threats, and trends and also recommend strategic direction for the Information Security Program to ensure that it supports the University mission, improves the overall security posture of the University and is appropriately supported, funded and implemented within the University community.
In addition, the ISAG will:
- Provide guidance and support to the IT Security Officer for the implementation and maintenance of the Information Security Program.
- Identify emerging managerial, technical, administrative, and physical safeguard issues relative to information security and privacy.
- Advise and make recommendations to the Vice President for Finance and Operations and the President of the University on information security and privacy issues pertaining to UND information systems.
- Identify various methods by which awareness of information technology security issues is raised among university and college computer and network users, administrators, and executives.
- Oversee development and update of policies on privacy, security, access and disclosure.
- Endorse and encourage implementation of campus-wide standards and processes to improve information security.
- Be a sounding board regarding privacy and information security issues.
- Engage the campus community in open discussion of privacy and security concerns for purposes of general education.
- Chief Information Officer (CIO)
- Deputy CIO
- Associate VP of Student Services
- Associate VP of Academic Affairs
- General Counsel
- Director of Emergency Management and Public Safety
- Director of Human Resources
- IT Security Officer