AC-22 Publicly Accessible Content

Description

In accordance with federal laws, executive orders, directives, policies, regulations, standards, and/or guidance, the general public is not authorized access to nonpublic information (e.g., information protected under the Privacy Act and proprietary information).

This Control addresses information systems that are controlled by the organization and accessible to the general public, typically without identification or authentication.

The posting of information on non-organization information systems is covered by organizational policy.

Applicability

The information resource owner, or designee, is responsible for ensuring that the measures described in this Control are implemented.

The intended audience for this Control includes, but is not limited to, all information resources owners and custodians.

This Control does not apply to faculty or student use of information resources for limited public forums; however, such use should follow TAMU-CC Acceptable Use Policy, Acceptable Use, Section 1.

Implementation

TAMU-CC shall:

  1. Designate individuals authorized to post information onto a publicly accessible information system. The IRM will designate a Primary Custodian ("webmaster") for all TAMU-CC websites. No website will be launched on the “.tamucc.edu” domain without the approval of the webmaster;
  2. Train authorized individuals to ensure that publicly accessible information does not contain nonpublic information;
  3. Review the proposed content of information prior to posting onto the publicly accessible information system to ensure that nonpublic information is not included; and
  4. Primary custodian (or designee) shall during the annual risk assessment process review the content on the publicly accessible information system for nonpublic information and removes such information, if discovered.
  5. Develop policies governing the procedures to post information on publicly accessible information systems.
  6. Ensure organizational security controls are applied to official social media use by the member.

Revision History

Last Updated: February 21, 2025

Previous Versions:

  • June 29, 2023
  • May 31, 2022
  • March 25, 2021
  • September 16, 2019

Chief Information Security and Privacy Officer

Submit a Ticket

News

See All News

Events

See All Events