The university’s Chief Information Security Officer (CISO) has the primary responsibility for the implementation of this Control.

Implement authorization processes to manage the security and privacy of university data and information resources.

Designate individuals to fulfill specific roles and responsibilities within the university risk management process.

Integrate the authorization processes into a university-wide risk management program