Texas Administrative Code
Title 1 - ADMINISTRATION
Part 10 - DEPARTMENT OF INFORMATION RESOURCES
Chapter 202 - INFORMATION SECURITY STANDARDS
Subchapter C - INFORMATION SECURITY STANDARDS FOR INSTITUTIONS OF HIGHER EDUCATION
Section 202.70 - Responsibilities of the Institution Head
Universal Citation: 1 TX Admin Code § 202.70
Current through Reg. 50, No. 13; March 28, 2025
(a) The agency head of each state institution of higher education is ultimately responsible for the security of state information resources.
(b) The agency head or their designated representative, shall:
(1) designate an Information Security Officer who has the explicit authority and the duty to administer the information security requirements of this chapter institution wide;
(2) allocate resources for ongoing information security remediation, implementation, and compliance activities that reduce risk to a level acceptable to the institution head;
(3) ensure that senior institution of higher education officials and information-owners, in collaboration with the Information Resources Manager and Information Security Officer, support the provision of information security for the information systems that support the operations and assets under their direct or indirect (e.g., cloud computing or outsourced) control;
(4) ensure that the institution of higher education has trained personnel to assist the institution of higher education in complying with the requirements of this chapter and related policies;
(5) ensure that senior institution of higher education officials support the institution of higher education Information Security Officer in developing, at least annually, a report on institution of higher education information security program, as specified in §
202.71(b)(10) and §
202.73(a) of this chapter;
(6) approve high residual risk management decisions as required by §
202.75(4) of this chapter;
(7) review and approve at least annually institution of higher education information security program required under §
202.74 of this chapter; and
(8) ensure that information security management processes are part of the institution of higher education strategic planning and operational processes.
Disclaimer: These regulations may not be the most recent version. Texas may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.