Statement

The University shall provide a publicly discoverable reporting channel for reporting of vulnerabilites discovered on any WTAMU system.

Applicability

This Control applies to all West Texas A&M network information resources. The intended audience for this Control includes all information resource owners, custodians, and users of information resources.

Implementation

Texas A&M University System Cyber Operations serves as the central point of contact for public reporting of vulnerabilities in organizational systems and system components. A public link on all WTAMU websites is availble for anyone reporting vulnerabilites. Upon receiving a report from a public source, Cyber Operations will validate the report, determine the scope of impact across system members, implement global countermeasures to mitigate the immediate impact of the reported vulnerabilities across all affected members, and coordinate with information resource custodians to remediate the reported vulnerabilities for specific affected information systems.