POLICY IMPLEMENTATION
TITLE: Information Security: Electronic Information and Information Systems Access Control
CODING: 00-01-95-15:20
DEPARTMENT & OWNER: Information Services & Technology, Denise Romano – CIO
AUTHOR: Information Security Office, Sonia DaSilva – Information Security Officer
CATEGORY: (check box)
Board of Trustees
Check one of the following actions:
New
Revised (Substantive)
Presidential
Policy Date:
04/20/2012
Implementation Date1: 04/20/2013
Compliance Date2:
04/20/2013
Policy Implementation Approach Summary
We will be leveraging the ongoing risk assessment to target those applications with confidential and
sensitive information. The Information Security Office will work with the information owners to identify
the personnel authorized to approve access to those sensitive applications, as well as schedule entitlement
reviews. This effort will likely require 6-12 months to complete, after which it will become an operational
process.
Regular Services
•
Information Security Office
o Risk assessment for your environment
o One-on-one support and guidance with information security policies.
IS&T Tools / Services
•
List of users with access to business’s applications.
Information / Assistance
For assistance or further information, contact either the:
•
Information Security Office:
o Web: http://www.umdnj.edu/infosecurity
• Information Services and Technology:
o Web: http://umdnjwebprod.umdnj.edu/ca/ist/index.shtml
• Project Management Office – Policy Services:
o Web: http://umdnj.edu/pmo or email [email protected]
1
2
Date by which the unit should be compliant with the policy.
Date by which compliance with the policy is mandatory.
Information Security Policy Implementation Outline
5/3/2012