Office of Information Technology

Information Security Program

In coordination with the Colorado Commission on Higher Education, UCCS has developed a program to provide information security for the communication and information resources that support the operations and assets of UCCS in compliance with House Bill 06-1157[1] and updated in House Bill 11-1301[2].   In accordance with Article 37.5 of title 24, Colorado Revised Statutes, the Information Security Program includes the following process areas:

Risk Assessment


404.5.1(a)  -- Assess the risk and magnitude of the harm that could result from a security incident;

Security Standards


404.5.1(b)  -- Provide information security for the communication and information resources;

Awareness and Training


404.5.1(c)  -- Provide Information security awareness training for employees of UCCS;

Program Evaluation


404.5.1(d)  -- Test and evaluate of the effectiveness of information security at UCCS;

Incident Response


404.5.1(e)  -- Detect, report and respond to information security incidents;

Continuity Planning


404.5.1(f)  -- Plan to ensure the continuity of operations for information technology resources;
 
Feedback