Sorry, this page has moved!
Please click here to go to the new location.

Enterprise Security

Background and Goals

At the February 2012 Department Heads Meeting the Enterprise Security Committee was given the green light to begin working on the following goals:
  • Work to reduce threats to physical and information security, while looking for solutions that make efficient use of resources.
  • Protect customer’s private/personal information.
  • Prevent loss of property.
  • Development, oversight, and monitoring of Compliance Program.
In order to achieve the above mentioned goals or desired state, the Steering Committee’s initial efforts focused on an organizational planning phase that produced the following deliverables:
  • Staffing Subcommittees,
  • Developing a Charter,
  • and Developing Guiding Principles.
The Charter and Guiding Principles provided the foundation for the committee to develop the Strategic Plan which adheres to the following methodology:
  1. Identify Actual State of security
  2. Identify Desired State
  3. Identify Objectives. These objectives must be aligned with the organization’s strategic objectives.
  4. Define a Strategy that will give the highest probability of success in achieving the Objectives. Cost, risk, duration, available resources, etc., will help define the Strategy.
  5. Identify steps / Projects needed to achieve Objectives. The collection of these projects constitutes the Security Program.
  6. Projects within the Security Program are identified as Short-term, Mid-term, and Long-term. Normally the classification in terms of duration is less than 3 months for Short-term, 3 to 6 months for Mid-term, and over 6 months for Long-term projects.
  7. Finally, projects identified in step 5, are prioritized in terms of risk and cost.
Although the Guiding Principles are not a specific step in formulating the Strategic Plan, they guide the decision making process at each step.

Strategic Plan
Security Committee Charter
Governance Organization Chart