NMU's Compliance Database - Northern Michigan University
Risk assessment for information security
Reviewed By | Internal Auditor Owner |
URL: | https://www.gpo.gov/fdsys/pkg/CFR-2003-title16-vol1/pdf/CFR-2003-title16-vol1-sec314-4.pdf |
Regulation Reference Cite | 16 CFR 314.4(b) |
Level | Requirement |
Oversight Unit | INFORMATION TECHNOLOGY-TECHNICAL SERVICES |
Person Responsible | Felecia Flack |
Secondary Person Responsible | |
President / VP Level | President |
Description |
Identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of customer information that could result in the unauthorized disclosure, misuse, alteration, destruction or other compromise of such information, and assess the sufficiency of any safeguards in place to control these risks. |
Contacts and Data Sources |
https://www.ecfr.gov/current/title-16/chapter-I/subchapter-C/part-314/section-314.4 Currently assigned to Felecia but will need to be reviewed and may be overseen by another unit or by a committee. AW |
Internal Notes |
This compliance item has notes that are available internally to the oversight unit. Please contact the Risk Management Department for more information |