Statement

Reviews of West Texas A&M University's information security program for compliance with Texas Administrative Code 202 standards will be performed by both internal reviews conducted by the ISO and by individual(s) independent of the information security program. Independent assessors provide impartiality in reviews to avoid conflicts of interest.  Idependent assessors can be obtained from within other TAMUS organizations or by other public or private sector entities.

Applicability

This control applies to all West Texas A&M information resources. The intended audience for this control includes all information resource owners, custodians, and users of information resources.

Implementation

• A comprehensive review of the University’s security program performed by a qualified individual(s) independent of the information security program at least biannually.
• All reviews by independent assessors shall follow the controls implemented in CA-2 Control Assessments.