Versions Compared

Old Version 21

changes.mady.by.user Lyons, Andrew H

Saved on

compared with

New Version Current

changes.mady.by.user Trubitt, Lisa V

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

It is primarily the responsibility of University Data Owners[2], or their designates, to develop local procedures to assure that the unit is in compliance with this standard and its associated procedures governing the removal, disposal, destruction, surplus, re-distribution, or exchange of media containing sensitive institutional data.

  • Each academic department, business unit, and affiliate shall designate or otherwise appoint an employee responsible for overseeing the proper removal and/or destruction of media containing University information.
  •  The designated employee will prepare and sign the Media Certification section of the OEM Report of Surplus Property form.
  • As part of their Internal Controls activities, academic departments and business units will report to the University Internal Control coordinator on their efforts to comply with this protocol during their regular Internal Controls reviews.

Compliance

Compliance with this standard and its related procedures will be in accordance with the Compliance section of the University's Information Security Policy.

...

Exceptions must be:

  • Requested from the ISOChief Information Security Officer.
  • Submitted in written form with the authorization of the employee responsible for compliance.

...

Location of Links to Documents for Electronic Versions of the Policy

Related Documents

...

NYS Information Security Policy (P03-002)[3]

...