Skip to Content

Information Security Office
Policy Index
Organizing Information Security
CSU Policy
Number: 8015.0 Revised: April 19, 2010

Policy Objective

The CSU Information Security policy provides guidance for defining the governance structure of CSU Information Security Programs.

Policy Statement

Each campus must develop, implement, and document the organizational structure that supports the campus’ information security program. The organizational structure must define the functions, relationships, responsibilities, and authorities of individuals or committees that support the campus information security program. The governance structure must be reviewed at least annually. Review of the campus organizational structure that support the information security program must be documented.

Each President (or President-designee) and the Assistant Vice Chancellor for Information Technology Services (or the Vice Chancellor’s designee) must appoint a campus information security officer (ISO). The Assistant Vice Chancellor for Information Technology Services (or the designee of the Chancellor) is responsible for the systemwide Information Security Management program and may organize the responsibilities as appropriate.

Back to the Sacramento State Information Security Policy Website