PM-6 Information Security Measures of Performance

Description

Measures of performance are outcome-based metrics used by an organization to measure the effectiveness or efficiency of the information security program and the security controls employed in support of the program.

Applicability

Texas Administrative Code, Chapter 202 [TAC 202] assigns responsibility for the protection of information resources to the President of the University.

For the purposes of this Control, the authority and responsibility regarding the university’s compliance with TAC 202 have been delegated by the President to the Chief Information Security and Privacy Officer (CISPO), under the supervision of the Senior Associate Vice President for Information Technology/Chief Information Officer (CIO). (TAMU-CC Rule 29.01.99.C1, Security of Electronic Information Resources [TAMU-CC 29.01.99.C1 [PDF]])

Implementation

TAMU-CC’s Chief Information Security and Privacy Officer shall develop, monitor, and report on the results of information security measures of performance in an annual risk assessment, containing a Risk Management Plan.

Revision History

Last Updated: February 21, 2025

Previous Versions:

  • June 29, 2023
  • May 31, 2022
  • March 25, 2021
  • September 16, 2019

Chief Information Security and Privacy Officer

Submit a Ticket

News

See All News

Events

See All Events