Information Security Program at NC State

This website documents the Information Security Program at NC State University, which provides information security assurance, security awareness, and guidance to the campus community. 

The NC State University Information Security Program provides oversight and guidance for the security of the university’s systems and data in a manner consistent with industry best practices and the university’s compliance obligations. 

How this Site Is Organized

To help you find what you need easily and quickly, this site is organized into the following sections, which you can access from any page by using the links listed in alphanumerical order on the right side of your screen.

Leadership, Governance & Collaboration

  • Cybersecurity Leadership — Specifies the responsibilities of cybersecurity leadership at NC State, a top-down hierarchy of management and contact information for the Office of Information (OIT) Security & Compliance (S&C) team.
  • Governance, Strategy & Roadmaps — Discusses governance of the Information Security Program, which addresses the framework of processes and structures specifying who makes decisions, how decisions are implemented, who is held responsible, and more.  Describes the Cybersecurity Strategic Plan & Roadmap, including our vision and mission while identifying key risks and goals.
  • Cybersecurity Threat Awareness & Collaboration — Identifies the collaboration resources NC State consults regularly, not only for ongoing threat awareness but also for up-to-date training.

 Support for Campus Community

  • Cybersecurity Services — Describes all cybersecurity services that OIT offers to the campus community.
  • Compliance Assurance — Describes the types of compliance OIT S&C assures and how we assure the university meets compliance obligations.
  • Policies, Regulations & Rules (PRRs) — Lists and describes the university PRRs that OIT S&C develops and publishes to provide information security guidance to the NC State campus community.


  • Glossary — Defines the acronyms and terms used throughout the Information Security Program site.