Jump to other news and events
Purdue signature
 

West Lafayette Campus Policies

Delegation of Administrative Authority and Responsibility for Information Assurance, Security, and Awareness (WL-4)

Volume WL: West Lafayette
Chapter: N/A
Issuing Office: ITaP
Responsible Officer: Vice President for Information Technology
Responsible Office: ITaP
Originally Issued: August 25, 2003
Most Recently Revised: November 18, 2011

TABLE OF CONTENTS

Statement of Policy
Who Should Know This Policy
Contacts
History

STATEMENT OF POLICY

The following specific assignments of administrative authority and responsibility are hereby delegated to the Vice President for Information Technology for the West Lafayette campus to assist and act for the President. The Vice President for Information Technology shall:

  1. Have responsibility for:
    1. Implementation of effective and practical technology, groups and processes to secure the network and computing infrastructure of the University.
    2. Development and implementation of a security awareness program to be offered periodically to all University faculty, staff and students.
    3. Development of a risk assessment procedure to be used for ongoing monitoring of all University systems.
    4. Development of global, effective and practical University policies, procedures, guidelines and best practices related to information assurance and security.
  2. Have authority to disconnect any device or disable any account if it is believed that either is involved in compromising the information security of the University until such time it is demonstrated that the device or account no longer poses a threat. Devices will not be disconnected without consultation with agreed upon departmental or unit officials, unless a critical situation exists (i.e., serious vulnerability, denial of service, worm or virus attack) and organization officials cannot be contacted quickly.
  3. Have authority to stop application development or deployment efforts if it is found during a Risk Assessment that the impact of a particular threat will compromise the information security of the University until a remedy is implemented to reduce or eliminate the impact of that threat.
  4. Provide guidance and support for regional campuses in information assurance, security and awareness efforts as appropriate.

In all instances, administration and approvals shall be in accordance with existing laws, policies and regulation of the University as set forth in the Indiana statutes, the University Code, the Business Procedures Manual and the ByLaws and actions of The Trustees of Purdue University. Deviation from these policies will require advance written approval by the President of the University.

On each of Purdue’s regional campuses, the Chancellor shall be responsible for implementing and administering similar Delegation of Administrative Authority and Responsibility for Information Assurance, Security and Awareness.

WHO SHOULD KNOW THIS POLICY

President
Provost
Executive Vice President and Treasurer
Chancellors
Vice Presidents
Deans
Directors/Department Heads/Chairs
Principal Investigators
Business Office Staff
Administrative and Professional Staff
Clerical and Service Staff
All Employees
Undergraduate Students
Graduate Students
Faculty

CONTACTS

Contact Telephone E-mail
Office of the Provost (765) 494-0665
Office of the Executive Vice President and Treasurer (765) 494-9705 evpt@purdue.edu
Office of the Vice President for Information Technology (765) 496-2270 itap-securityhelp@purdue.edu

HISTORY AND UPDATE

November 18, 2011: Policy number changed to WL-4 (formerly V.1.1).

September 25, 2008: Contacts updated.