Information Technology Security
Section: III. ADSV - 504
Approved By: Bill Ryberg, 1/11/18
Last Review: none
Last Revision: none
Prior Revisions: none
Initial Adoption: 1/10/18
Policy
The college will create, maintain, and review annually an lT Security Program, which
will outline specific measures and standards necessary for balancing college educational,
business, and lT Security objectives, and ensuring compliance with legal mandates
or applicable policies. The scope of this program includes the security of lT facilities;
electronic data; off-site data storage; computing and telecommunications equipment;
application-related services furnished by TCC, other state agencies, or commercial
concerns; internet-related applications and connectivity; and/or any other areas necessary
to mitigate lT-related risks. TCC's lT Security Program, and associated processes,
procedures, and practices may contain information (confidential or private) about
the agency's business, communications, computing operations, or employees. Person
responsible for handling and/or distribution of the lT Security Program should consider
the highly sensitive nature of the information as well as related statutory exemptions
from public disclosure and limit distribution to authorized entities and individuals
with a legitimate need to know.
Purpose
Tacoma Community College (TCC) places a high priority on lT security; seeks to deploy technology which meets organizational objectives while protecting system and network security, data integrity, and confidentiality; and seeks to operate in a manner consistent with the goals of the Washington State Office of the Chief lnformation Officer (OCIO) and SBCTC lT Security Policies to maintain a shared, trusted environment for the protection of sensitive data and business transactions. This policy establishes the basis upon which college lnformation Technology (lT) security standards and practices will be created, guiding the appropriate risk mitigation to ensure an effective and secure environment for lT processing and college-related activities.
To Whom Does This Policy Apply
lndividuals or groups of individuals responsible for overseeing, managing, or implementing applicable programs and services where information technology is deployed at Tacoma Community College.
References
RCW 42.56 Public Records Act
Washington State OCIO Policy 141 - Securing lnformation Technology Assets
Washington State OCIO Policy 141.10 - Securing lnformation Technology Assets Standards
Definitions
None
Procedure
None