Information Security Program Plan (PM-1)

Under Texas Administrative Code §202.74, Institution Information Security Program, the university shall implement an information security program that includes protections, based on risk, for all information and information resources against unauthorized access, use, disclosure, modification, or destruction, including assuring the availability, confidentiality, and integrity of information.

Senior Information Security Officer (PM-2)

Texas A&M, as a State University, is required to comply with Texas Administrative Code, Title 1, Chapter 202 (TAC 202). The TAC 202 assigns responsibility for the protection of information resources to the President of the University. For the purposes of this Control, the authority and responsibility regarding the university’s compliance with TAC 202 have been delegated by the President to the Chief Information Officer (CIO).

Information Security Resources (PM-3)

Texas Administrative Code (TAC), Rule §202.70(2) requires the head of each state institution of higher education or his/her designated representative(s) to allocate resources for ongoing information security remediation, implementation, and compliance activities that reduce risk to a level acceptable to the institution head.