Program Management (PM) 

Purpose – 

The Information Security Program Plan is a formal document that provides an overview of the security requirements for the Tarleton State University (Tarleton) information security program. This family of controls describes requirements related to the Information Security Program Plan.  

---

Scope and Roles – 

This policy applies to information resources owned or managed by Tarleton. The intended audience includes the Tarleton Chief Information Officer (CIO), Chief Information Security Officer (CISO), and information resource owners and custodians. 

---

Compliance – 

The Information Security Program Plan and associated controls are implemented to ensure compliance with Title 1 Texas Administrative Code (TAC) §202.70, §202.71, §202.72, §202.73, §202.74, Texas Government Code (Tex Gov’t Code) §2054.133, the Texas Department of Information Resources (DIR) Security Control Standards Catalog as required by TAC §202.76, and Texas A&M University System (TAMUS) Regulation 29.01.03, Information Security.