Supplements System Policy 29.01, Information Resources
Approved March 3, 2013
Rule Statement
The Texas A&M Transportation Institute (agency) regards information resources as a vital part of fulfilling the mission of the system. The chief information officer (CIO) is responsible for coordinating the agency’s information resources, including ensuring, in consultation with the chief executive officer (CEO) or his designee, the effectiveness, confidentiality and efficiency of the agency’s information resources. In addition, the CIO, in consultation with the CEO or his designee, is responsible for ensuring that appropriate procedures and programs are implemented to safeguard computer systems, networks and data and to mitigate risks that may compromise information integrity, availability and confidentiality.
Reason for Rule
This rule implements System Policy 29.01 and provides guidance for the governance of information resources owned or in the custody of the agency.
Procedures and Responsibilities
AGENCY INFORMATION RESOURCES GOVERNANCE
1. The efficient and effective use of information resources is critical to the long-term success of the agency. To that end, the CEO is responsible for ensuring the CIO has implemented procedures for the appropriate management of information resources, including provisions designed to guarantee that information resources expenditures, regardless of funding source, are efficient and serve to improve agency services.
2. The CIO, with the CEO’s approval, shall establish an Network & Information Systems (NIS) Governance Council at the agency level that accomplishes the following:
(a) identifies and coordinates information technology projects and their priority among the agency’s research and operational areas;
(b) reviews and approves proposed information technology rules and procedures;
(c) reviews and approves information technology capital investment requests;
(d) reviews and approves the NIS Strategic Plan
Related Statutes, Policies, or Requirements
- Texas Administrative Code Ch. 202, Information Security Standards
- Texas Administrative Code Ch. 211, Information Resources Managers
- Texas Administrative Code Ch. 213, Electronic and Information Resources
- Texas Administrative Code Ch. 216, Project Management Practices
- Texas Government Code Ch. 552, Texas Public Information Act
- Texas Government Code Ch. 2054, Information Resources
- System Policy 21.04, Control of Fraud, Waste and Abuse
- System Policy 29.01, Information Resources
- System Policy 33.04, Use of System Resources
- Agency Procedure 29.01.99.I1.01, Acceptable Use of Information Resources
Definitions
- Authorized Agency Representative–an information resource owner or custodian, or other person designated by the agency director.
- Custodian of an Information Resource–a person responsible for implementing the information owner-defined controls and access to an information resource. Custodians may include NIS employees, other state employees, vendors, and any third party acting as an agent of, or otherwise on behalf of the agency.
- Information Resources–the procedures, computer equipment, computing facilities, software and data which are purchased, designed, built, operated and maintained to collect, record, process, store, retrieve, display, report and transmit information.
- Owner of an Information Resource–a person with statutory or operational authority for specified information (e.g., supporting a specific business function) and responsibility for establishing the controls for its generation, collection, processing, access, dissemination, and disposal. The owner of an information resource may also be responsible for other information resources including personnel, equipment, and information technology that support the information owner’s business function.
- User of an Information Resource–an individual or automated application authorized to access an information resource in accordance with the information owner-defined controls and access rules.
Contact Office
TTI Network & Information Systems
(979) 862-1417
