Department of Corrections and Rehabilitation - Operations Manual

Cancel

Chapter 4 – Information Technology

Article 52 – Security Analytics and Continuous Monitoring Policy

XXXX XX, XXXX

View All Sections >

49090.5 Roles and Responsibilities

  • CDCRCalifornia Department of Corrections and Rehabilitation / CCHCS / CALPIACalifornia Prison Industry Authority (formerly PIA) Chief Information Officer (CIO) or Designee

    • CDCRCalifornia Department of Corrections and Rehabilitation / CCHCS / CALPIACalifornia Prison Industry Authority (formerly PIA) CIO or Designee owns this policy and is responsible for ensuring that all Owners of Information Assets, Information Asset Custodians, and users of CDCRCalifornia Department of Corrections and Rehabilitation / CCHCS / CALPIACalifornia Prison Industry Authority (formerly PIA) information assets are aware of this policy and acknowledge their individual responsibilities.

    • CDCRCalifornia Department of Corrections and Rehabilitation / CCHCS / CALPIACalifornia Prison Industry Authority (formerly PIA) CIO or Designee is responsible for ensuring that this policy is reviewed annually, and updated accordingly.

    • CDCRCalifornia Department of Corrections and Rehabilitation / CCHCS / CALPIACalifornia Prison Industry Authority (formerly PIA) CIO or Designee is required to audit and assess compliance with this policy at least once every 2 years.

  • CDCRCalifornia Department of Corrections and Rehabilitation / CCHCS / CALPIACalifornia Prison Industry Authority (formerly PIA) Information Security Officer (ISOInformation Security Officer)

    • CDCRCalifornia Department of Corrections and Rehabilitation / CCHCS / CALPIACalifornia Prison Industry Authority (formerly PIA) ISOInformation Security Officer shall assist Owners of Information Assets and Information Asset Custodians with the implementation of this policy.

    • CDCRCalifornia Department of Corrections and Rehabilitation / CCHCS / CALPIACalifornia Prison Industry Authority (formerly PIA) ISOInformation Security Officer shall assist Owners of Information Assets and Information Asset Custodians in the analysis and assessment of risks posed by anomalous activities or identified events.

  • CDCRCalifornia Department of Corrections and Rehabilitation / CCHCS / CALPIACalifornia Prison Industry Authority (formerly PIA) Owners of Information Assets and Program Management

    • Owners of Information Assets in collaboration with the Information Asset Custodians shall ensure that this policy is implemented and implementation is reviewed annually.

  • CDCRCalifornia Department of Corrections and Rehabilitation / CCHCS / CALPIACalifornia Prison Industry Authority (formerly PIA) Information Asset Custodians

    • Information Asset Custodians shall implement technology and process controls.

    • Information Asset Custodians shall maintain records of security monitoring controls implemented.