Policy 7.1.10 - Information Security Program


I. Overview

The College operates and maintains an Information Security Program (“ISP”) to ensure the confidentiality, integrity, and availability of college data, based on classification, and those related information systems and services that are necessary to the support of the mission of the college and the students while maintaining compliance with local, State, and federal standards, policies, and laws.

The College uses the Statewide Information Security Manual published by the North Carolina Department of Information Technology as the principal cybersecurity framework for a system-wide information security and risk management program. The College’s use shall be consistent with the provisions of the State Board Code.

II. Cybersecurity Incidents

The College shall not submit payment or otherwise communicate with an entity that has engaged in a cybersecurity incident on an information technology system by encrypting data and then subsequently offering to decrypt that data in exchange for a ransom payment.

Consistent with State law, the College consults with the North Carolina Department of Information Technology regarding cybersecurity incidents.

Adopted:
Legal Reference: 1B SBCCC 700 et. al; N.C.G.S. § 143-800

CAMPUS ALERT:

To further our efforts to ensure a secure learning environment we will be implementing MFA for our school applications Friday June 9th. Please download the Microsoft Authenticator App and make sure we have your most up to date cell phone number in our records.

Last Updated: Wednesday, May 3rd, 2023 at 9:30 AM

See Alert History