PM-10: Authorization Process

Privacy Baseline: Yes

The Tarleton State University (Tarleton) Chief Information Security Officer (CISO) or their designee is responsible for:
- Ensuring that there are appropriate authorization processes to manage the security and privacy of Tarleton data and information resources;
- Designating individuals who are responsible for types of authorizations; and
- Integrating authorization processes into a university-wide risk management program that implements details from Control CA-6, Authorization, and is consistent with Tarleton’s risk tolerance as documented in the Risk Management Strategy (see Control PM-9, Risk Management Strategy).

None. See any applicable internal procedures.