To work with the entire UND community to protect the confidentiality, integrity, and availability of our critical information and computer resources.

To implement and advance secure computing practices with sensitivity to UND's educational environment which promotes academic and intellectual freedom, diversity, privacy, and individual rights.

UND ITSO Objectives

• Security Policy, Guidelines, and Procedures

The ITSO will work with the UND and NDUS community to recommend, develop, communicate, and implement IT security policies, guidelines and procedures.

• Security Assessment/Risk Analysis

The ITSO will work with the UND community to identify and document the information and information systems critical to UND's operation, identify threats and vulnerabilities, and develop and implement plans to minimize the risk to these systems.

• Federal and State Regulation Compliance

The ITSO will work in cooperation with the UND community and the appropriate campus compliance and safeguarding committees to provide information technology expertise in the effort to ensure compliance with all applicable Federal and State laws governing access to personal information, integrity of financial and health data, and copyright protections.

• Security Education, Training, and Awareness

The ITSO will provide information technology security information and training to users.  The ITSO will promote personal responsibility for securing data and IT resources and foster a community partnership for the exchange of knowledge and information.

• Incident Response

The ITSO will work with the UND Security Incident Response Team (SIRT) to provide assistance in responding to incidents when requested.  The ITSO will track incidents to be used for measuring IT security program effectiveness and to develop summary reports on the number and kind of incidents affecting UND.