|
Table of Contents
Statement of Policy
Who Should Know This Policy
Contacts
Statement of Policy
The following specific assignments of administrative authority
and responsibility are hereby delegated to the Vice President
for Information Technology for the West Lafayette campus to
assist and act for the President. The Vice President for Information
Technology shall:
- Have responsibility for:
- Implementation of effective and practical technology,
groups and processes to secure the network and computing
infrastructure of the University.
- Development and implementation of a security awareness
program to be offered periodically to all University
faculty, staff and students.
- Development of a risk assessment procedure to be used
for ongoing monitoring of all University systems.
- Development of global, effective and practical University
policies, procedures, guidelines and best practices
related to information assurance and security.
- Have authority to disconnect any device or disable any
account if it is believed that either is involved in compromising
the information security of the University until such time
it is demonstrated that the device or account no longer
poses a threat. Devices will not be disconnected without
consultation with agreed upon departmental or unit officials,
unless a critical situation exists (i.e., serious vulnerability,
denial of service, worm or virus attack) and organization
officials cannot be contacted quickly.
- Have authority to stop application development or deployment
efforts if it is found during a Risk Assessment that the
impact of a particular threat will compromise the information
security of the University until a remedy is implemented
to reduce or eliminate the impact of that threat.
- Provide guidance and support for regional campuses in
information assurance, security and awareness efforts as
appropriate.
In all instances, administration and approvals shall be in
accordance with existing laws, policies and regulation of
the University as set forth in the Indiana statutes, the University
Code, the Business Procedures Manual and the ByLaws and actions
of The Trustees of Purdue University. Deviation from these
policies will require advance written approval by the President
of the University.
On each of Purdue’s regional campuses, the Chancellor
shall be responsible for implementing and administering similar
Delegation of Administrative Authority and Responsibility
for Information Assurance, Security and Awareness.
Who Should Know This Policy
- President
- Provost
- Executive Vice President and Treasurer
- Chancellors
- Vice Presidents
- Deans
- Directors/Department Heads/Chairs
- Principal Investigators
|
- Business Office Staff
- Administrative and Professional Staff
- Clerical and Service Staff
- All Employees
- Undergraduate Students
- Graduate Students
- Faculty
|
Contacts
|
