This Control applies to all Texas A&M information resources. The intended audience for this Control includes all information resource owners and custodians.

The information resource owner, or custodian, shall respond to findings from security and privacy assessments, monitoring, and audits in accordance with university accepted risk tolerance.