The Chief Information Security Officer (CISO), or designee, is responsible for implementing this Control.

The CISO, or designee, is responsible for:

• 1.1

  Monitoring and controlling the external boundary of the network and at key internal boundaries within the network;

• 1.2

  Implementing subnetworks for publicly accessible system components that are logically separated from internal university networks; and

• 1.3

  Ensuring that connections to external networks or information systems occur only through managed interfaces consisting of boundary protection devices arranged in accordance with an approved security architecture.