EM: P11-09 Implementation of the CSU Information Security Policy

Background

The California State University Information Security Policy was published in section 8000 of the Integrated CSU Administrative Manual on April 19, 2010. http://www.calstate.edu/icsuam/sections/8000/).

Scope of the CSU Information Security Policy

The CSU Information Security Policy shall apply to the following:

• All campuses
• Central and departmentally-managed campus information assets
• All users employed by campuses or any other person with access to campus information assets
• All categories of information, regardless of the medium in which the information asset is held or transmitted (e.g. physical or electronic)
• Information technology facilities, applications, hardware systems, and network resources owned or managed by the CSU

Auxiliaries, external businesses and organizations that use campus information assets must operate those assets in conformity with the CSU Information Security Policy.

Policy

Humboldt State University personnel and organizations are required to comply with the CSU Information Security Policy. Enforcement of CSU and HSU information security policies as well as compliance with federal and state regulations regarding information security is the responsibility of the President. 

The HSU President has delegated enforcement of information security policies to the HSU Information Security Officer (ISO). The ISO is responsible for the development and enforcement of University IT security policies, standards and procedures. IT Security Information as well as the HSU Information Security Plan is located at http://www.humboldt.edu/security.

All HSU information security policies are to be reviewed on an ongoing basis by the Information Security Officer (ISO) for compliance with the CSU Information Security Policy and federal and state regulations.