Information Assurance

G12.01 Information Assurance

Policy statement

Missouri State University is dedicated to safeguarding the information entrusted to it by implementing comprehensive administrative and technical controls across its academic and administrative operations. This commitment ensures the confidentiality, integrity, and availability of information through a structured framework of policies and oversight. These policies apply to all university entities and cover areas such as risk assessment, information management, Artificial Intelligence use, physical security, network infrastructure, software development, third-party software management, identity and access management, training, incident management, disaster recovery, regulatory compliance, and data governance.

Information Security Framework

The , led by the Information Security Officer, in collaboration with stakeholders and relevant University committees, oversees information security activities and is responsible for:

• Developing a shared vision of the University’s desired information security policies and procedures
• Determining the appropriate resources required to achieve the desired outcomes
• Reviewing and enhancing existing policies and developing new policies to appropriately secure information resources
• Developing effective marketing and education plans to inform and raise awareness of information security issues
• Developing an action plan to respond to information security incidents

Standards and Compliance

The University adopts standards and procedures guided by the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), tailored to an academic environment.