Security Program

Program

Information Security Program

In coordination with the Colorado Commission on Higher Education, UCCS has developed a program to provide information security for the communication and information resources that support the operations and assets of UCCS in compliance with House Bill 06-1157[1] and updated in House Bill 11-1301[2].   In accordance with Article 37.5 of title 24, Colorado Revised Statutes, the Information Security Program includes the following process areas:

 

[1] House Bill 06-1157, Concerning the Security of Communication and Information Resources in Public Agencies, and Making an Appropriation in Connection Therewith

[2] Colorado House Bill 11-1301, Concerning Statutory Changes to Increase Efficiency in the Operations of Public Institutions of Higher Education

 

 

Risk Assessment

404.5.1(a)  -- Assess the risk and magnitude of the harm that could result from a security incident;

Security Standards

404.5.1(b)  -- Provide information security for the communication and information resources;

Awareness and Training

404.5.1(c)  -- Provide Information security awareness training for employees of UCCS;

 

Program Evaluation

404.5.1(d)  -- Test and evaluate of the effectiveness of information security at UCCS;

Incident Response

404.5.1(e)  -- Detect, report and respond to information security incidents;

Continuity Planning

404.5.1(f)  -- Plan to ensure the continuity of operations for information technology resources;

Information Security