Information Security, Risk & Assurance : Mission

Information technology compliance is the act of meeting rules regarding the operation and management of information technology resources (no matter who made the rules, what kind of rules they are, or who or what the rules apply to), while at the same time doing so in a way that is supportive of the educational culture and goals of the university. NC State will achieve and demonstrate compliance by making use of a multi-phase strategy which will include:

  • Understanding the implications of applicable regulations to IT implementation throughout the university
  • Performing security risk assessments for IT products, services, projects, and compliance goals
  • Creating and implementing a set of regulations, standards and controls to achieve effective compliance
  • Teaching, planning, monitoring, enforcing and documenting the control set on an ongoing basis