User login

Close
 

Information Security Charter

Effective Date: July 1, 2007

Policy Statement

Columbia University values the ability to openly communicate and share information as appropriate.  The University information (whether belonging to University or held in trust on behalf of its clients and business partners) is an important asset that shall be protected.  Any person/organization that uses or provides information resources has a responsibility to maintain and safeguard these assets.  As such, users are required to abide by this Columbia University Information Security Charter and subsequent policies and procedures.

Reason for the Policy

This policy presents the philosophy of information security within the University and represents the endorsement of Columbia University's executive management team.  It identifies the motivation for security, describes information security principles and terms, and defines the scope of information security policies and responsibilities of various security functions.

This policy establishes the expectations for all users of the University's information resources and data.

Primary Guidance to Which This Policy Responds

This policy is established under the provisions of the Columbia University Information Technology Security and Policy Program.

Responsible University Office & Officer

The Columbia University Information Technology Security Office is responsible for the maintenance of this policy, and for responding to questions regarding this policy.  The Chief Information Security Officer (CISO) is the responsible officer.

Revision History

This policy was established in July 2007.

Who is Governed by This Policy

This policy applies to all individuals who access, use, or control University information resources.  Those individuals covered include, but are not limited to staff, faculty, students, those working on behalf of the University, guests, tenants, visitors, and individuals authorized by affiliated institutions and organizations. 

Who Should Know This Policy

All individuals governed by this policy should be familiar with it.

Exclusion & Special Situations

None

See full policy text at right