The UH Cullen College of Engineering has taken a step towards enhanced information security with the addition of a newly appointed role. Director of Engineering Computing John Young recently became the college’s Certified Information Security Officer, having met several criteria for this designation.
All UH colleges and divisions are required to appoint three roles for information technology resource management, one of which is the information security officer (ISO). According to Jana Chvatal, University Information Technology (UIT) Security Compliance Manager, the ISO is officially designated by the college Information Resource Management and is responsible for managing the college’s information security functions in accordance with established policies and guidelines.
Going beyond this designation, ISOs become certified by meeting additional standards set forth by UIT Security. These include demonstrating an enhanced level of education and knowledge in information security, and participating in a workshop presented by the UH Chief Information Security Officer which outlines the roles and responsibilities of a college ISO.
The certification requirements are set forth to help ensure the ISO is successful in their role, as this is an added responsibility on top of their daily job duties, said Chvatal. The workshop ensures the ISO understands their role, and how to comply with MAPP 10.03.06 and other UH policies. The advanced level of education requirement allows them to demonstrate that they have the appropriate knowledge of information security to apply relevant principles within their area to identify, reduce and mitigate risk. By upholding these standards for each college and division, the ISO is well positioned to ensure appropriate security risk management across all of UH.
“John is doing outstanding things in [the Cullen College of Engineering] toward increased IT security, which are being noted and adopted by others throughout the campus,” said Mary Dickerson, Executive Director of UH IT Security. “We are all very fortunate to have John as one of our information security colleagues.”