SI-4 System Monitoring

Last Review: 10/1/22


WTAMU monitors information systems to detect attacks, indicators of potential attacks, and unauthorized use in accordance with established monitoring objectives.


This Control applies to all West Texas A&M network information resources. The intended audience for this Control includes all information resource owners, and custodians of information resources.


The CIO and ISO shall establish a security strategy that includes perimeter protection, the monitoring of network traffic and usage of information resources. This strategy will include perimeter security controls, including some or all the following components: DMZ, firewall, intrusion detection or prevention system, or router.  External network monitoring, scanning, and alerting for WTAMU information resources as specified in Texas Government Code, Chapters 2054 and 2059.

Information systems shall also be monitored based on risk decisions.  Monitoring tools shall be configured to identify and alert proper personnel of the following

  • Attacks and indicators of potential attacks in accordance with alerts from monitoring devices and services; and
  • Unauthorized local, network, and remote connections.
  • Unauthorized use of the information system through alerts generated by monitoring devices and services.

Monitoring devices shall be deployed both strategically within the information system to collect organization determined essential information, and at ad hoc locations within the system to track specific types of transactions of interest to the organization.

Information obtained from monitoring tools shall be treated as confidential and be protected from unauthorized access, modification, and deletion.

WTAMU shall heighten the level of information system monitoring activity when there is an indication of increased risk to organizational operations and assets, individuals, other organizations, or the nation based on law enforcement information, intelligence information, or other credible sources of information.

WTAMU shall obtain legal opinion with regard to information system monitoring activities in accordance with applicable federal laws, executive orders, directives, policies, or regulations.

The Security Office will provides applicable alerts and status updates to system owners/custodians as necessary.