Statement

WTAMU requires that providers of external information system services employ adequate security controls in accordance with these standards and monitors security control compliance.

Applicability

This Control applies to all West Texas A&M network information resources. The intended audience for this Control includes all information resource owners, custodians, and users of information resources.

Implementation

WTAMU requires that providers of external information system services employ adequate security controls in accordance with these standards and monitors security control compliance.  The information resource owner or designee is responsible for:

• Ensuring third party providers comply with organizational information security requirements and employ appropriate security controls in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
• Define and document oversite and user roles and responsibilities with regard to the system
• Employs processes to monitor security control compliance by service providers