(D107) Information Security Governance
Governance is essential to the development and implementation of a security plan. It defines the framework and direction of the program and has the authority to effect change when requirements and/or objectives change.
Governance of the Security Program will be the responsibility of the Security Program Steering Committee. This broad-based group represents the stakeholders for all of the business, academic, and instructional activities for the campus. Security policies and procedures developed by campus units will be submitted to this group for review and approval. IT related policies are approved by the CIO. Other policies, depending on their scope and nature, may require the approval of the President's Cabinet. SUNY Polytechnic’s counsel will serve as a resource to this group when reviewing and approving policies.
Policy Adopted from StonyBrook.edu as of March 1, 2017