Each unit head who is a member of the President’s Council appoints a trusted member of his/her staff to serve as security liaison. In some cases, the President’s Council member decides to delegate this appointing authority to several members of his/her staff because the unit is so large and complex.
Responsibilities of the Security Liaison
- Keep the President’s Council member informed of proposed new security policies and how these might affect the unit.
- Ensure proposed policies are discussed by the appropriate people in the unit and feedback is provided to the Chief Information Security Officer (CISO).
- Ensure policies enacted by the university are disseminated and understood by people in the unit.
- Serve as the point of contact when someone in their unit or in the IT Security Office suspects or realizes a security incident has occurred. Serve as the unit’s liaison to the Computer Security Incident Response Team (CSIRT).
- Attend the semi-annual meetings of the Security Liaisons with the Chief Information Security Officer.
- Inform the Chief Information Security Officer of perceived gaps in security training and support programs.
- Appointed by a member of the President’s Council or delegate.
- Understands responsibility for interactive communications, within the unit and to the ITS.
- Understands the balance between security and business needs.
- Pursues clarity in policy development and revisions.
- Understands the impact of policy on departmental business process and communicates areas of concern.