Information Security, Risk & Assurance: Programs

Compliance with external constraints, including:

  •  Family Educational Rights and Privacy Act (FERPA)
  •  Health Insurance Portability and Accountability Act (HIPAA) security rule agent
  •  Higher Education Opportunity Act (HEOA) - copyright provisions and Digital Millennium Copyright Act (DMCA) university agent
  •  Gramm-Leach-Bliley Act (GLBA)
  •  FTC Red Flag Rule
  •  Payment Card Industry (PCI) Data Security Standard (DSS)
  •  North Carolina Identity Theft Protection Act of 2005
  •  North Carolina Public Records Act
  •  State Personnel Act

Security frameworks development and application, including:

  •  Data Sensitivity
  •  UNC System Security Crosswalk
  •  NC State University IT System Standards manual
  •  ISO 2700x series – Information technology – Security techniques – Code of practice for information security management
  •  NIST 800-53 FIPS-PUB Recommended Security Controls for Federal Information Systems and Organizations
  •  Security & Compliance Governance – Policy