Information security is essential to the mission and institutional strategic goals of East Tennessee State University (ETSU). ETSU supports a comprehensive, campus-wide information security program and recognizes that information security is a shared responsibility. As a result, this policy sets forth the direction for implementing a comprehensive, industry accepted, standards-based information security program to adequately protect the confidentiality, integrity, and availability of information, and reduce risk to an acceptable level.
East Tennessee State University implements information security and privacy programs aligned with the National Institute of Standards and Technology (NIST). Risk management, information security, and privacy programs shall align with the University’s mission and its strategic goals, while taking into consideration the University’s risk tolerance and finding the appropriate balance between security, University requirements, applicable regulations, and academic freedom.
Authority: National Institute of Standards and Technology
Effective Date: 1/29/20
Responsible Official: Chief Information Officer and Senior Vice Provost
Responsible Office: Information Technology Services