Identification and Assessment of Risks to Customer Information

Information Security Plan Coordinator

Design and Implementation of Safeguards Program

Information Systems

Selection of Appropriate Service Providers

Continuing Evaluation and Adjustment

Footnotes

This Information Security Plan (“Plan”) describes North Central State College's (“NC State College”) safeguards to protect covered data and information.¹ These safeguards are provided to:

•  Ensure the security and confidentiality of covered data and information;

• Protect against anticipated threats or hazards to the security or integrity of such information; and

• Protect against unauthorized access to or use of covered data and information that could result in substantial harm or inconvenience to any customer.

This Information Security Plan also provides for mechanisms to:

•  Identify and assess the risks that may threaten covered data and information maintained by NC State College;
• Develop written policies and procedures to manage and control these risks;
• Implement and review the plan; and
• Adjust the plan to reflect changes in technology, the sensitivity of covered data and information and internal or external threats to information security.

II. Identification and Assessment of Risks to Customer Information