University Policies

Page tree

Versions Compared

Old Version 3

changes.mady.by.user Unknown User (kanchia1)

Saved on

compared with

New Version 4

changes.mady.by.user Alburger, Katherine A

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

ROWAN UNIVERSITY POLICY

 


Title: Security Monitoring Policy
Subject: Information Security
Policy No: ISO:2013:

...

14        

...


Applies: University-Wide
Issuing Authority: Information Security Office - Chief Information Security Officer
Responsible Officer: Vice President for Information Resources and Chief Information Officer
Adopted: 07/01/2013
Amended: 06/01/2014
Last Revision:

...

07/

...

02/

...

2018


I. PURPOSE

A. The purpose of the Security Monitoring Policy is to ensure that information security and technology security controls are in place and effective. One of the benefits of security monitoring is the early identification of security issues or new security vulnerabilities. This early identification can help to prevent security incidents or to at least minimize the potential impact of such incidents. Other benefits include compliance with audit, FERBA, HIPPA, and state requirements.

...

A. All Rowan University Information and Information Technology which includes but is not limited to: servers, workstations, and network access devices are subject to ongoing monitoring. The inappropriate use of these systems and/or networks which violates the University’s policies or local, state and federal laws will be investigated as needed. The Information Security Office (ISO) will be responsible for conducting these investigations under the direction of the Chief Director of Information Security Officer (CISO).

B. The (CISO) Director of Information Security has the right to disclose the contents of electronic files, as required by law, Internal Audit, or General Counsel.

 C. All security monitoring will be performed by the ISO unless authorized by the CISODirector of Information Security.

 D. All security-related anomalies or other suspicious activity should be reported to the ISO for investigation.

...

Violation of this policy may subject the violator to disciplinary actions, up to or including termination of employment or dismissal from a school, and may subject the violator to penalties stipulated in applicable state and federal statutes.

 


By Direction of the CIO:

                                                                           

...

VP and Chief Information Officer