Sample Information Security Policy

1122 WordsSep 3, 20105 Pages
Preamble acknowledges an obligation to ensure appropriate security for all Information Technology data, equipment, and processes in its domain of ownership and control. This obligation is shared, to varying degrees, by every member of the company. This document will: 1. Enumerate the elements that constitute IT security. 2. Explain the need for IT security. 3. Specify the various categories of IT data, equipment, and processes subject to this policy. 4. Indicate, in broad terms, the IT security responsibilities of the various roles in which each member of the university may function. 5. Indicate appropriate levels of security through standards and guidelines. Scope of…show more content…
Advice and opinions on the Policy will be given by: • Information Technology Policy Committee (ITPC) • Information Technology Management Committee (ITMC) • Senior Executive Group (SEG) Formulation and maintenance of the policy is the responsibility of the Director, Information Technology Services Unit of the Business Office. 2. Policy Implementation. Each member of the company will be responsible for meeting published IT standards of behavior. IT security of each system will be the responsibility of its custodian. 3. Custodians. • ITS will be the custodian of all strategic system platforms. • ITS will be custodian of the strategic communications systems. • ITS will be custodian of all central computing laboratories. • Offices and Units will be custodians of strategic applications under their management control • Individuals will be custodians of desktop systems under their control. 4. Individuals. All ordinary users of company IT resources: • Will operate under the "Conditions of Use" provisions of the "Standards and Guidelines for All Users of Company Computing and Network Facilities." • Must behave under the "Code of Practice" provisions of the "Standards and Guidelines for All Users of Company Computing and Network Facilities." • Are responsible for the proper care and use of IT resources under their direct control. 5.

More about Sample Information Security Policy

Open Document