Skip to main content

CA-6 Security Authorization

Description

The university authorizes the information resource for processing before operations or when there is a significant change to the system

Applicability

  • The intended audience includes information resource owners and custodians.

Implementation

  • 1 - The information resource owner or designee shall:

    • 1.1 - Assign an information resource custodian as the authorizing official for the information resource;
    • 1.2 - Ensure the authorizing official authorizes the information resource for processing before commencing operations; and
    • 1.3 - Ensure the security authorization is updated annually