My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
2.5b ERMUSR 02-14-2023
ElkRiver
>
City Government
>
Boards and Commissions
>
Utilities Commission
>
Packets
>
2023
>
02-14-2023
>
2.5b ERMUSR 02-14-2023
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
10/6/2023 4:32:31 PM
Creation date
2/14/2023 9:50:20 AM
Metadata
Fields
Template:
City Government
type
ERMUSR
date
2/14/2023
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
3
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
ERMU Commission Policy — G.2g3 Information Security Committee Charter <br />The primary role of the Committee Chair is to run the Committee meetings and act as committee <br />secretary. The Committee will adhere to the Current edition of Robert's Rules of Order Newly <br />Revised for all situations to which they are applicable and are not inconsistent with ERMU's <br />bylaws, policies, and any special rules of order that the Commission may adopt; and similarly, <br />the Committee action shall not be inconsistent with applicable laws and policies which regulate <br />the City of Elk River. The Committee meetings may be open or closed to employees at the <br />discretion of the Committee Chair. <br />AUTHORITY: <br />Except as established in this Committee Charter, the authority of the Committee is limited to the <br />purpose of research and recommendation to ERMU and the City. <br />SPECIFIC DUTIES: <br />Policies and Procedures: Assist ERMU and the City in the development of information <br />security related policies. Review effectiveness of information security policy <br />implementations. Identify and recommend how to handle non-compliance. Assist with the <br />development of information security related procedures, standards, guidelines, and baselines <br />to the ERMU and the City. At least annually, provide timely reports including <br />recommendations regarding effectiveness of polices and procedures to ERMU and City <br />leadership teams. <br />2. Risk Assessment: Review industry appropriate information security trends to maintain an up- <br />to-date perspective on related risks and industry's best practice risk mitigation methods. <br />Identify significant threats and vulnerabilities. Assess the adequacy and coordination of the <br />implementation of information security controls. Recommend methodologies and processes <br />for information security. Evaluate ongoing related legal and regulatory compliance changes. <br />Review incident information and recommend follow-up actions. At least annually, provide <br />timely reports including recommendation regarding risks assessment to ERMU and City <br />leadership teams. <br />3. Budget Development: Develop data needed for thorough evaluation of proposed information <br />security initiatives for budget preparation and consideration. Information shall include <br />options, risk evaluation, resource requirements, implementation timelines, and costs. At least <br />annually and coordinating with their respective budgeting process schedules, provide timely <br />reports regarding information security initiatives proposed for consideration to ERMU and <br />City leadership teams. <br />4. Education and Awareness: Function as an information security program champion providing <br />clear direction and unity in ERMU and City leadership teams' support for approved security <br />initiatives and policies. Develop and implement plans and programs to maintain information <br />security awareness. Promote information security education, training, and awareness <br />throughout ERMU and the City. <br />SCHEDULE: <br />Page 2 of 3 <br />
The URL can be used to link to this page
Your browser does not support the video tag.