Information Technologies Security Program at the University of Mary Washington
Policy Statement
The University of Mary Washington regards security of its information resources as a critical institutional priority. To that end, it maintains a comprehensive information technologies security program that is overseen by the University's Information Security Officer and that is in accord with federal and state laws and regulations and University policies.
Introduction to the IT Security Program
The Information Technologies Security Program at the University of Mary Washington is coordinated by the Director of Information Technologies Security, who has been designated by the President as the institutional Information Security Officer (an official designation required by state government). It comprises a wide range of related activities, some managed at the institutional level and others managed at the level of individual systems. Consistent with related policies, standards and guidelines of the Commonwealth of Virginia, its primary components include
- Authentication, Authorization and Encryption
- Business Analysis and Risk Assessment
- Business Continuity Planning
- Data Security
- Incident Handling
- Monitoring and Controlling System Activities
- Personnel Security
- Physical Security
- Security Awareness
- Security Tool Kit
- Systems Interoperability Security
- Technical Communication
- Technical Training
- Threat Detection
Access to some components of the Information Technologies Security Program is restricted to specific University staff members in accord with exemptions included in the Virginia Freedom of Information Act (§ 2.2-3705.2.3).