I-001 Information Security Policy
Code: I-001
Date: March 29, 2011
Approved: David C. Danahar
Southwest Minnesota State University
Policy
Information Security
Pursuant to MnSCU Board Policy 5.23, it is the policy of the University to protect the security and privacy of its information resources and to make information accessible as required by law. The University shall maintain the confidentiality, integrity and availability of information resources; ensure continuity of operations; prevent, control and minimize the impact of security incidents; and manage risks to those resources regardless of the storage medium, transmission or disposal methods.
All users of University information resources are responsible for the privacy, security, and appropriate use of those resources over which they have authority, access or control, and for compliance with applicable laws, regulations, policies, procedures, and other standards.
This policy applies to all users of University information resources; and to all University information resources in any form or storage media, wherever located.
The Chief Information Officer in conjunction with the Information Security Team is charged with developing security and privacy procedures, standards and guidelines under this policy. These procedures, standards and guidelines shall be consistent with relevant policies, procedures and guidelines adopted by the MnSCU Board of Trustees and the Office of the Chancellor.
Users who violate this policy or related System, college or university procedures shall be subject to disciplinary action through appropriate channels. Violations may be referred to appropriate law enforcement authorities.