This control applies to the university Chief Information Officer (CIO).

University Rule 32.01.99.M1, Complaint Procedures for Electronic Information Resources, outlines procedures for investigating violations of System policy and University rules related to information resources, including information security controls.

University Rule 32.01.99.M1 outlines a formal sanctions process when suspected policy or rule violations are found.