Article 46 – Information Systems Risk Management
49030.7 ITS – Risk Management Other Systems
Revised April 16, 1993-
A risk analysis shall be submitted to the Information Security Unit (ISUInstitution Services Unit) for all systems that are non-critical applications but use one or more of the following:
-
Telecommunications.
-
Programs created or maintained by inmates.
-
Inmates as keyboard operators.
-
-
These applications require a risk analysis approved by ISUInstitution Services Unit prior to implementation.
-
The MISManagement Information Systems Committee may direct that a risk analysis be carried out for any new system when deemed necessary.