Skip Ribbon Commands
Skip to main content
Sign In

Quick Launch

As an ent​ity of the Virginia Community College System (VCCS),

we are bound by the policies, models, standards, and guidelines set forth by the

VCCS Information Security Program

 

The purpose of security controls is to perform the tasks in the:

  • management,
  • planning,
  • technical,
  • operational safeguards
  • and security measures
​to ensure confidential and sensitive information is secure, that data remains intact, and that services remain available to our patrons. 
 
These resources are vulnerable to being rendered unusable or crippled due to sabotage, human error and natural disasters.  To preserve the integrity of information technology resources, all areas of the College must contribute to the appropriate level of protection of these mission critical resources. 

 

The primary areas of focus for security controls which significantly reduce threats are:

 

Information Security Risk Management Information Security Management Program Organization of Information Security
Human Resource Security Asset Management Access Control
Cryptography Physical and Environmental Security Operations Security
Communications Security System Acquisition, Development & Maintenance Supplier Relationships
Information Security Incident Management Information Security Aspects of Business Continuity Management Compliance
Cloud Services
 

The College constantly works to neutralize, or minimize, all known vulnerabilities identified via the risk assessment of information technology resources and environment.  While conducting business there remains inevitable risks that exist, therefore, it must be recognized that we function in this environment, yet strive to provide services while instituting reasonable protective measures.  The College will determine funding sources during planning to rectify, where applicable, any discrepancies of non-compliance with ISO/IEC 27002:2013(E), as identified from conducting the Business Impact Analysis and the Risk Assessment for Information Technology Infrastructure.

  

Contact the College Information Security Officer for further information or questions on the Information Technology Security Plan.  ​


CVCC