目的
The purpose of this 系统和信息完整性 Information Technology Requirement (ITR) is to establish information security standards for the 系统和信息完整性 processes relevant to Anne Arundel 社区 College ("College") Information Technology Resources. The discipline of information systems security relies on the practice of ensuring and maintaining the 保密, 完整性, and availability of information systems and data transmitted, 加工过的, 和/或存储在这些系统中.
范围
This ITR applies to all College Information Systems and Information Technology Resources. All Information system custodians, their designees and contractors are responsible for adhering to this ITR. The AACC Security Program will maintain safeguards aligned with NIST SP 800-171 to ensure the protection, 完整性, 保密, and resilience of Information Technology Resources.
定义
系统和信息完整性 Requirements
系统和信息完整性 Requirements address security 控制s that are implemented within systems and organizations to provide assurance that the system and information being accessed has not been tampered with or damaged (完整性).
In a risk-based manner, AACC will implement NIST SP800-171 and SP800-172 security 控制s.
执行
Any 使用r with knowledge of a potential violation shall notify IIT as soon as practicable.
任何员工, contractor or other third-party performing duties on behalf of the College who violates may be denied access to Information Technology Resources and may be subject to disciplinary action, up to and including termination of employment or contract or pursuit of legal action.
豁免
Exceptions should be submitted to the vice president for Information and Instructional Technology Division, through the director of Information Security for review and approval. If an exception is granted a compensating security 控制 or safeguard will be documented.
突发事件
没有一个
评审过程
Information Technology Requirements will be reviewed every 12 months or sooner, if required. Guidelines and Processes will be reviewed every 24 months or sooner, if required.
指导方针标题: System and Integrity Information Technology Requirement
指导业主: Vice President for Information and Instructional Technology
指导管理员: 资讯保安总监
联系信息: 约翰•威廉姆斯 jwwilliams6@xoxozerol.net
批准日期: 1月. 8, 2024
有效日期: 1月. 8, 2024
历史: 2023年11月通过
适用于: 教职员工
相关政策: Acceptable Use of Information Technology Resources Policy
相关程序: Acceptable Use of Information Technology Resources Procedures
相关指南:
形式: N/A
相关法律: