Better Know A Control

Learning Your Controls Catalog

Does the very mention of “Security Controls” make you queasy? Would you prefer a root canal over reviewing information security standards? Take heart!  The Information Security Controls Catalog doesn’t need to be daunting — it provides specific directions that can help you protect your information resources and align with state and federal requirements.

The Division of IT publishes a monthly email series designed to highlight some of the more significant security controls ... and why they are important to you! With our campus IT community following the same security standards, we can more effectively work together to keep Texas A&M safe.


Some Background (how the sausage is made)

Being an IT Professional at Texas A&M University means working within a complex landscape of information security regulations. In 2015, the state of Texas revised TAC §202 and created a set of minimum security controls, based on the standards outlined in NIST 800-53. This change consolidated many previous state regulations, and directed each state agency or university to create a local implementation of those security controls. Here at Texas A&M, that became our Information Security Controls Catalog.


The Archive

Date

Control

Topic

December 2019

RA-2

Data protection; encryption, data loss prevention (DLP) software, and webapp vulnerability testing