| Contents |
|---|
| |
Chief Information Officer
Responsible for ensuring the development and adoption of the Information Security Plan. Assign responsibility of Information Security Officer and Information Security Architect. Identify and make strategic decisions on information risk and risk acceptance.
Information Security Officer
Designated by the CIO, responsible for building, maintaining, and educating the campus on the Information Security Plan. Facilitate Plan compliance through collaborative relationships with academic and administrative officials, consistent with campus governance structure and policy compliance strategies.
Information Security Architect
Designated by the CIO, responsible for architecting and implementing technical controls within the Information Security Plan.
Information Security Coordinator
A person assigned responsibility for coordinating information security in a UCI division or school. This includes maintaining an inventory of computing systems containing protected data, participating in campus-wide information security coordination activities, and facilitating security in the division or school.
Information Security Coordinator List
Data Proprietor
A person who has responsibility for oversight of data or computing systems with access to protected data and with primary responsibility for determining the purpose and function of any data resource; often the chief administrative official of the Office of Record for the data resource.
The individual designated responsibility for the information and the processes supporting a specific University function. Resource Proprietors are responsible for ensuring compliance with federal or state statutory regulation or University policy regarding the release of information according to procedures established by the University, the campus, or the department, as applicable to the situation. Responsibilities of Resource Proprietors may include, for example: specifying the uses for a departmentally-owned server; establishing the functional requirements during development of a new application or maintenance to an existing application; and determining which individuals may have access to an application or to data accessible via an application. All Electronic Information Resources are University resources, and Resource Proprietors are responsible for ensuring that these Resources are used in ways consistent with the mission of the University as a whole.
This is usually a senior manager or administrator within a unit.
Data Custodian
A technical partner of the Data Proprietor who is responsible for the implementation of data systems and the technical management of data resources, as directed by the Data Proprietor.
The authorized University personnel who have physical or logical control over a specific Electronic Information Resource. This includes, for example, central campus information technology departments with maintenance responsibility for an application; departmental system administrators of a local area network; and database administrators for campus-wide or departmental databases. This role provides a service to a Resource Proprietor.
This is usually an IT manager or liaison.