PS-2 Position Risk Designation

Description

Position risk designations reflect Office of Personnel Management policy and guidance.

Risk designations can guide and inform the types of authorizations individuals receive when accessing organizational information and information systems.

Position screening criteria include explicit information security role appointment requirements (e.g., training, security clearances).

Applicability

This Control applies to all information system owners and managers.

Implementation

All authorized users (including, but not limited to, state organization personnel, temporary employees, and employees of independent contractors) of the state organization’s information resources, shall formally acknowledge that they will comply with the security policies and procedures of the state organization or they shall not be granted access to information resources. The head of TAMU-CC personnel management, or his or her designated representative, will determine the method of acknowledgement and how often this acknowledgement must be re-executed by the user to maintain access to state organization information resources.

TAMU-CC resource owner or custodians, in conjunction with Human Resource shall:

  1. Assigns a risk designation to all organizational positions;
  2. Establishes screening criteria for individuals filling those positions; and
  3. Reviews and updates position risk designations annually.

Revision History

Last Updated: February 21, 2025

Previous Versions:

  • June 29, 2023
  • May 31, 2022
  • March 25, 2021
  • September 16, 2019

Chief Information Security and Privacy Officer

Submit a Ticket

News

See All News

Events

See All Events