Statement

WTAMU requires that providers of external information system services employ appropriate security controls in accordance with these standards and monitors security control compliance.

Applicability

This Control applies to all West Texas A&M network information resources. The intended audience for this Control includes all information resource owners, custodians, and users of information resources.

Implementation

WTAMU requires that providers of external information system services employ adequate security controls in accordance with these standards and monitors security control compliance.  The information resource owner or designee is responsible for:

• Third party providers compliance with WTAMU information security control catalog requirements and employ appropriate security controls in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
• Third party providers define and document oversite and user roles and responsibilities with regard to the system
• Third party providers employs processes to monitor security control compliance by service providers