The purpose of this policy is to formally establish an information security program within the College.  Most of Sinclair Community College’s financial, administrative, and student systems are accessible through the campus network. As such, they are vulnerable to security breaches that may compromise sensitive information and expose the College to asset losses and other risks.  An information security program is necessary to ensure that the College:

• Establishes a college-wide approach to information security, including appropriate security awareness training and education for constituents.

• Complies with federal and state statutes and regulations regarding the collection, maintenance, use, and security of information assets.

• Establishes and implements prudent, reasonable and effective practices for the protection and security of information assets, including protection of sensitive and confidential information against accidental or deliberate unauthorized disclosure, modification or destruction.

• Develops effective mechanisms for responding to real or perceived incidents involving breaches of information security.

This policy establishes a program charged with ensuring the College meets or exceeds its legal and ethical responsibilities for securing its critical and sensitive information assets.