K-State’s new System Development and Maintenance Security Policy helps ensure that security is considered at all stages of an information systems’ life cycle. Too often, security is an afterthought when a new application is implemented, or a change to an existing system introduces a new security vulnerability and thereby places university data at risk.
This policy targets anyone involved in the acquisition, implementation, or maintenance of an enterprise information system or “systems that require special attention to security due to the risk of harm resulting from loss, misuse, or unauthorized access to or modification of the information therein.” An example of the latter would be a departmental or college system that contains confidential student or personnel data.
The policy addresses the following areas: Continue reading “System Development and Maintenance Security Policy now in effect”
