IT Security Objectives
- Security Policy, Guidelines, and Procedures
The ITSO will work with the UND and NDUS community to recommend, develop, communicate, and implement IT security policies, guidelines and procedures.
- Security Assessment/Risk Analysis
The ITSO will work with the UND community to identify and document the information and information systems critical to UND's operation, identify threats and vulnerabilities, and develop and implement plans to minimize the risk to these systems.
- Federal and State Regulation Compliance
The ITSO will work in cooperation with the UND community and the appropriate campus compliance and safeguarding committees to provide information technology expertise in the effort to ensure compliance with all applicable Federal and State laws governing access to personal information, integrity of financial and health data, and copyright protections.
- Security Education, Training, and Awareness
The ITSO will provide information technology security information and training to users. The ITSO will promote personal responsibility for securing data and IT resources and foster a community partnership for the exchange of knowledge and information.
- Incident Response
The ITSO will work with the UND Security Incident Response Team (SIRT) to provide assistance in responding to incidents when requested. The ITSO will track incidents to be used for measuring IT security program effectiveness and to develop summary reports on the number and kind of incidents affecting UND.