ISRA Programs

Compliance with External Requirements

The S&C ISRA team helps campus stakeholders comply with the following external information security requirements:

  • Family Educational Rights and Privacy Act (FERPA)
  • Health Insurance Portability and Accountability Act (HIPAA) security rule agent
  • Higher Education Opportunity Act (HEOA) — copyright provisions and Digital Millennium Copyright Act (DMCA) university agent
  • Gramm-Leach Bliley Act (GLBA)
  • FTC Red Flag Rule
  • PCI Data Security Standard (PCI DSS)
  • North Carolina Identity Theft Protection Act of 2005
  • North Carolina Public Records Act
  • State Personnel Act

Security Frameworks

The S&C ISRA team helps campus stakeholders apply the following information security frameworks to their environments:

  • Data Sensitivity
  • UNC System Security Crosswalk
  • NC State University IT System Standards manual
  • ISO 2700x series — “Information Technology – Security Techniques – Code of Practice for Information Security Management”
  • NIST 800-53 FIPS-PUB Recommended security controls for Federal Information Systems and Organizations
  • Security & Compliance Governance — Policy