Missouri State University will protect the confidentiality, integrity, and accessibility of its information by providing policy and protective controls for the following areas:
Missouri State University is committed to protecting information entrusted to its care and will provide the appropriate infrastructure to meet that commitment. This policy applies to academic, administrative, auxiliary services, and all other entities under the direction of Missouri State University’s administration. “Information security” is defined as the protection of hardware, software, and data assets (both digital and physical) at a level commensurate with the risk associated with the asset. “Risk” is defined as the probability of loss based on threats, vulnerabilities, impact, and the likelihood a threat will be successful.
The Information Security Unit of the Computer Services department provides guidance and oversight of all information security-related activities. The Information Security Officer chairs an Information Security Executive Committee (ISEC)> This committee consists of representatives from the Office of the Provost, Faculty Senate, Administrative & Information Services, Financial Services, Enrollment Services, Residence Life, Housing and Dining Services, Research and Economic Development, Office of Development, General Counsel, President’s Office, West Plains campus, and the Student Government Association, and is responsible for:
Standards and procedures accompany all policy statements and are jointly developed by the areas governed by the policy, ISEC, and the Information Security Officer (ISO). The Chief Information Officer (CIO) will review all policies and procedures for accuracy and completeness and where appropriate bring them forward to Administrative Council for approval.
All policies are based on the ISO/IEC 27002:2005 framework, and for supporting procedures, the University will use the National Institute of Standards and Technology (NIST) FIPS and the 800-series of Special Publications for guidance. These have been adapted for use in a higher education environment.
All entities contained in or under the direction of the Missouri State University system.