Dartmouth Information Security Committee (DISC) Charter

The Dartmouth Information Security Committee (DISC) is a senior-level governance board that works to ensure Dartmouth departments and IT organizations employ security technology and processes to further Dartmouth’s key strategies and goals. DISC will identify information security practices and relevant technologies that can be leveraged to protect Dartmouth’s critical information, in electronic and other forms. It will draft and maintain an information security policy that incorporates these best practices into Dartmouth’s current operating principles. DISC members will champion good information security practices and advocate compliance with Dartmouth’s information security policy.

Goals

  1. Lead the development, review, and implementation of relevant information security policy, guidelines and standards that protect Dartmouth’s information assets and meet regulatory and business requirements, including protection of Personally Identifiable Information (PII), and Protected Health Information (PHI).
  2. Work with Information, Technology & Consulting (ITC) and the Cyber Security Initiative (CSI) to identify institution-wide information security processes and technology that clearly align with Dartmouth’s goals. CSI is Dartmouth’s IT Security working group which collaborates to address technical security issues and engage undergraduate and graduate students for this purpose.
  3. Develop a common set of strategies and metrics to be used campus-wide to mitigate risk and monitor their use.
  4. Ensure information security projects and initiatives are aligned with Dartmouth goals.
  5. Provide key leadership with input on information security threats, trends, and technologies and their potential applicability to Dartmouth.
  6. Collaborate with the CSI to ensure the College IT infrastructure is secure.
  7. Coordinate major IT security projects or changes with ITC leadership.
  8. Provide guidance to Dartmouth senior management on issues related to data privacy and related statutory requirements.

Annual tasks for DISC should include:

  1. Review Dartmouth’s campus-wide portfolio of information security initiatives, promoting achievement of key milestones (i.e., deployment of in-depth defense strategies and effective management of risk).
  2. Produce a bi-annual report on campus compliance with Dartmouth’s information security policy.

Membership

Key faculty, administrators, and technology leaders who have an interest in safeguarding Dartmouth’s information and privacy data, including representatives from the following:

General Counsel
President’s Office
Dean of Faculty
Dean of the College
Provost’s Office
Vice Provost for Research
Vice President for Finance
Office of Risk Management
Safety & Security
Information, Technology & Consulting
Library
Human Resources
Alumni Relations
Development

Frequency

DISC will meet monthly or as needed.

Details

Article ID: 63661
Created
Tue 10/9/18 11:33 AM
Modified
Tue 3/14/23 12:44 PM

Related Articles (2)

Server Operating System Security Patching
This document describes the Information Technology & Consulting (ITC) requirements for maintaining up-to-date operating system security patches on all Dartmouth College managed servers.

Related Services / Offerings (1)

Risk and Compliance Assessment
Request a Risk or Compliance Assessment