PM-7 Enterprise Architecture

Description

The enterprise architecture developed by the organization is aligned with the Federal Enterprise Architecture.

The integration of information security requirements and associated security controls into the organization’s enterprise architecture helps to ensure that security considerations are addressed by organizations early in the system development life cycle and are directly and explicitly related to the organization’s mission/business processes.

This process of security requirements integration also embeds into the enterprise architecture, an integral information security architecture consistent with organizational risk management and information security strategies.

For PM-7, the information security architecture is developed at a system-of-systems level (organization-wide), representing all of the organizational information systems.

The information security architecture is developed at a level representing an individual information system but at the same time, is consistent with the information security architecture defined for the organization.

Security requirements and security control integration are most effectively accomplished through the application of the Risk Management Framework and supporting security standards and guidelines.

The Federal Segment Architecture Methodology provides guidance on integrating information security requirements and security controls into

Applicability

Texas Administrative Code, Chapter 202 [TAC 202] assigns responsibility for the protection of information resources to the President of the University.

For the purposes of this Control, the authority and responsibility regarding the university’s compliance with TAC 202 have been delegated by the President to the Chief Information Officer (CIO).

Implementation

TAMU-CC shall develop an enterprise architecture with consideration for information security and the resulting risk to organizational operations, organizational assets, individuals, other organizations, and the nation. The TAMU-CC implementation of this standard is an outcome of TAC 202 implementation.

Revision History

Last Updated: February 21, 2025

Previous Versions:

  • June 29, 2023
  • May 31, 2022
  • March 25, 2021
  • September 16, 2019

Chief Information Security and Privacy Officer

Submit a Ticket

News

See All News

Events

See All Events