Educause Security Discussion mailing list archives
System Security Officer for federal agencies' restricted use data agreements
From: Steve Werby <steve.werby () UTSA EDU>
Date: Thu, 19 Jan 2012 13:43:40 -0600
As part of a restricted-use data agreement with a federal agency, my university is being asked to designate a System Security Officer (SSO). As part of the agreement, there are 3 roles - Senior Official (SO), Principal Project Officer (PPO) and the SSO. The PPO is the senior-most person in charge of daily operations involving use of the restricted-use data. The SSO can be assigned by the SO or PPO or the SO or PPO can serve as the SSO. For reference: The SSO shall be responsible for maintaining the day-to-day security of the licensed data. The SSO's assigned duties shall include the implementation, maintenance, and periodic update of the security plan to protect the data in strict compliance with statutory and regulatory requirements. In your institutions, what types of individuals serve as the SSO (the PPO, departmental IT, institutional information security officer, institutional information security staff, etc.)? -- Steve Werby Information Security Officer Office of Information Security (OIS) The University of Texas at San Antonio
Current thread:
- System Security Officer for federal agencies' restricted use data agreements Steve Werby (Jan 19)
- Re: System Security Officer for federal agencies' restricted use data agreements Mclaughlin, Kevin (mclaugkl) (Jan 19)