PS-8 Personnel Sanctions
Description
The university employs a formal sanctions process for personnel failing to comply with established information security policies and procedures.
Applicability
- This control applies to the university Chief Information Officer (CIO).
Implementation
- University Rule 32.01.99.M1, Complaint Procedures for Electronic Information Resources, outlines procedures for investigating violations of System policy and University rules related to information resources, including information security controls.
- University Rule 32.01.99.M1 outlines a formal sanctions process when suspected policy or rule violations are found.