PM-3 Information Security Resources

Description

Organizations consider establishing champions for information security efforts and as part of including the necessary resources, assign specialized expertise and resources as needed.

Organizations may designate and empower an Investment Review Board (or similar group) to manage and provide oversight for the information security-related aspects of the capital planning and investment control process.

Applicability

This Control applies to the University Vice President for Information Technology and Chief Information Officer (CIO) working in cooperation with university administrative management and the University Chief Information Security and Privacy Officer (CISPO).

Implementation

TAMU-CC’s Vice President for Information Technology and Chief Information Officer (CIO) shall:

  1. Ensure that all capital planning and investment requests include the resources needed to implement the information security program and documents all exceptions to this requirement;
  2. Employ a business case/Exhibit 300/Exhibit 53 to record the resources required;
  3. Ensure that information security resources are available for expenditure as planned; and
  4. Implement this standard as incorporated into Texas Administrative Code, Chapter 202 [TAC 202].

Revision History

Last Updated: February 21, 2025

Previous Versions:

  • June 29, 2023
  • May 31, 2022
  • March 25, 2021
  • September 16, 2019

Chief Information Security and Privacy Officer

Submit a Ticket

News

See All News

Events

See All Events