The NC State OIT Security & Compliance (OIT S&C) ISRA group’s mission is information security compliance, aka the act of meeting rules regarding the operation and management of information technology resources (no matter who made the rules, what kind of rules they are, or who or what the rules apply to), while at the same time doing so in a way that is supportive of the educational culture and goals of the university.
NC State OIT S&C ISRA will achieve and demonstrate campus-wide compliance by making use of a multi-phase strategy:
- Understand the implications of applicable regulations to IT implementation throughout the university.
- Perform security risk assessments for IT products, services, projects, and compliance goals.
- Create and implement a set of regulations, standards and controls to achieve effective compliance.
- Teach, plan, monitor, enforce and document the control set on an ongoing basis.