Effective Date: July 1, 2007
Columbia University values the ability to openly communicate and share information as appropriate. The University information (whether belonging to University or held in trust on behalf of its clients and business partners) is an important asset that shall be protected. Any person/organization that uses or provides information resources has a responsibility to maintain and safeguard these assets. As such, users are required to abide by this Columbia University Information Security Charter and subsequent policies and procedures.
Reason for the Policy
This policy presents the philosophy of information security within the University and represents the endorsement of Columbia University's executive management team. It identifies the motivation for security, describes information security principles and terms, and defines the scope of information security policies and responsibilities of various security functions.
This policy establishes the expectations for all users of the University's information resources and data.
Primary Guidance to Which This Policy Responds
This policy is established under the provisions of the Columbia University Information Technology Security and Policy Program.
Responsible University Office & Officer
The Columbia University Information Technology Security Office is responsible for the maintenance of this policy, and for responding to questions regarding this policy. The Chief Information Security Officer (CISO) is the responsible officer.
This policy was established in July 2007.
Who is Governed by This Policy
This policy applies to all individuals who access, use, or control University information resources. Those individuals covered include, but are not limited to staff, faculty, students, those working on behalf of the University, guests, tenants, visitors, and individuals authorized by affiliated institutions and organizations.
Who Should Know This Policy
All individuals governed by this policy should be familiar with it.
Exclusion & Special Situations
See full policy text at right