OIT Home > About OIT > Information Resource Standards > Information Security Administrator (ISA)
Information Security Administrator (ISA)
The program for Information Security Administrators is designed to complement the information security program and to augment the protection of data and computing resources by identifying, training and assisting qualified representatives in the departments of the University. The responsibilities of the ISA’s are established in UTS 165, UT System Information Resources Use and Security, p. 13: http://www.utsystem.edu/bor/procedures/policy/policies/uts165.pdf. The ISA must be appointed by the department head or the principal investigator of a grant. If needed, an Information Technology Associate may function as the ISA for a department, as long as that person is qualified. Small departments may share the services of one ISA, if approved by the Information Security Officer. ISA’s must be properly trained for their function. These individuals perform critical security tasks, which if not performed correctly can lead to costly information security breaches. A department unable to provide or obtain appropriate technical training for the ISA, should not host departmental information systems and data. Those functions should be moved to the institution’s central IT organization or be outsourced to an organization capable of providing professional services in a secure environment. |
||||||||||||||||||||||||||||||||||||||||||||
Effective Date:February 1, 2011 Compliance Date:September 1, 2011 Last Revision:January 26, 2011 |
||||||||||||||||||||||||||||||||||||||||||||
|
Tools