Information Security, Risk & Assurance : Assessments

  • Complete the UNC System Security Framework/Baseline (based on ISO 27002) and use the resulting Gap Analysis to develop plans to improve NC State’s regulations, standards, processes and technical implementation of computer security
  • Manage assessment and maintenance of university compliance with the Payment Card Industry – Data Security Standard (PCI DSS) for all card payment processing within the university
  • Act as a source of expertise regarding the Family Educational Rights and Privacy Act of 1974 (FERPA or the Buckley Amendment) for student privacy
  • Perform annual assessments of the computer security of the four departments at the university that must comply with the Health Insurance Portability and Accountability Act (HIPAA), assist with staff training, and act as a source of advice on aspects of HIPAA
  • Act as the university agent for the Digital Millennium Copyright Act (DMCA) responses to copyright holder notifications of infringement and conduct annual reviews to assess and improve compliance with the copyright provisions of the Higher Education Opportunities Act (HEOA)
  • Conduct security assessments of software and other products from an IT security perspective, as requested by university management and staff