Approved by the CIO on December 4/09.
Policy # CIO-ITS-06.2
Excerpt: "The Chief Information Officer (CIO) is responsible for sponsoring, developing, and implementing a comprehensive information technology security strategy and policy framework which reflects the asset value of information and includes the entire technology infrastructure of the University. This Policy specifies the groups and individuals responsible and accountable for various elements of IT security practice."
Full text of "Approved" policy: Dated November 25/09 Roles and Responsibilities for IT Security.