CA-6 Security Authorization

Initial Implementation: 10/1/2022
Last Review: 10/10/2025

Statement

WTAMU must identify an owner for each information system. The owner must authorize the information system for processing before commencing operations.

Applicability

This control applies to all West Texas A&M personnel who use University information resources.

Implementation

The CIO and ISO will identify the appropriate information resource owner for system used by multiple departments.
A resource custodian within IT shall be assigned to all information resources. Assignment will be based on the use of the system and its alignment with the University.
The CIO is responsible for authorizing implementation of all Information Systems.
The CIO and ISO will verify required security controls are in place prior to a system implementation, and when major changes are implemented, as needed.