Introduction | Purpose | Definitions | Systems | Networks | Desktops, Terminals, and Devices | Data | Applications | Access Control | Notifications | Sanctions | Ongoing

Ongoing Policy Management

1. Tufts University reserves the right to modify this Security Policy. Audit Management and Advisory Services, the Tufts General Counsel and the Information Technology Council are available to advise the Information Security Officer on any changes made to this policy.
2. The Information Security Officer, under the authority of the Trustees of Tufts University, shall be responsible for the management and oversight of this Security Policy.
3. The Information Security Officer is responsible for performing an annual review of this Policy and for making any updates which are warranted.
4. The Information Security Officer is responsible for verifying that security standards, procedures and guidelines are established in support of this Security Policy.
5. The Information Security Officer is responsible for posting this Security Policy and any derivative standards, procedures and guidelines on the Tufts University web site. This web content shall be made accessible and available to all University employees, contractors, students, friends, associates, emeriti and agents.
6. The Information Security Officer will, if requested to do so, review school and department-specific security policy provisions being proposed in addition to the ones contained in this Security Policy.
7. The Information Security Officer will maintain a repository of data stewards, system, network and data managers and access coordinators.
8. The Information Security Officer will maintain a log of violations of this policy.