Article 45 – Information Security
49020.7.2 Annual Information Security Self Certification
-
All CDCRCalifornia Department of Corrections and Rehabilitation employees requiring access to CDCRCalifornia Department of Corrections and Rehabilitation information assets are responsible for annually self-certifying that they are in compliance with applicable CDCRCalifornia Department of Corrections and Rehabilitation information security policies. The ISOInformation Security Officer is responsible for ensuring compliance with this policy. Responsibility for the dissemination of the policies rests with the owner and the designated ISCInformation Security Coordinators; responsibility for compliance rests with the end-users.
-
The following is required to ensure compliance with the above is maintained:
-
A separate statement of selfcertification shall be signed by every employee that accesses or uses CDCRCalifornia Department of Corrections and Rehabilitation’s information assets.
-
Each selfcertification shall be signed by a representative of the senior management from the organizational entity.
-
Each selfcertification is to be filed with the local ISCInformation Security Coordinators and available for review by the Information Security Office.
-