The university has a procedure for authorizing internal interfaces between information resources.


  • The intended audience includes information resource owners and custodians. This control applies to dedicated internal connections between information systems (i.e., intra-system connections) and does not apply to transitory, user-controlled connections such as email and website browsing.


  • 1

    The information resource owner or designee shall:

    • 1.1

      Authorize intra-system connections of university information resources.

    • 1.2

      Document, for each intra-system connection, the interface characteristics, security requirements, and the nature of the information communicated.