The Medical University of South Carolina   About MUSC  ·  Education  ·  Medical Center  ·  Research  ·  Library   
 

OCIO Home

General
 ·Principles & Values
 ·IT Governance Model
 ·Structure & Relationships
 ·Priorities
 ·Goals & Accomplishments

Governance in Action
 ·Chief Information Officer
 ·President's VP Group
 · Information Security Charter
·Information Mgmt Council
  ·Information Services (IS)
 ·Shared Interest Groups
 ·Purchasing Guidelines


News and Information
 ·IT Strategic Plan (PDF)
 ·Deans' Update
  .Catalyst Articles
 ·Presentations
 ·IT Governance (PDF)
 ·Organizational Planning (PDF)
 ·Description of Fees
 ·Non-MUSC EMR Access

Contact Us
 ·Office of the CIO
 ·CIO, Dr. Frank C. Clark (email)
 ·Support Desk (email)

Disclaimer

Information Security and IT Compliance Council

Charter:

The Information Security and IT Compliance Council (ISICC) serves as a subcommittee of the Information Management Council (IMC). In this role, the ISICC provides input and support to the IMC in the areas of information security and IT compliance. The ISICC directly supports the IMC's mission of ensuring that appropriate and cost-effective information protection measures are applied to MUSC's information and IT assets, and serves as an advocate for the continuous improvement of MUSC's information security program. Functions: The ISICC, working in close partnership with the IMC and with other groups and participants in the MUSC IT Governance process, performs the following

functions:

  • Provides guidance and oversight to MUSC's information security program, with particular emphasis on information security risk assessment processes, which are critical to policy, strategy, and funding decisions at the enterprise level.
  • Ensures that MUSC's information security policies, standards and guidelines are regularly reviewed and updated; when significant changes are needed, presents the IMC with appropriate briefings and recommendations.
  • Ensures that the effectiveness of MUSC's information security program is continuously monitored and evaluated.
  • Seeks to ensure that MUSC's IT policies and procedures are sufficient to meet applicable legal, regulatory and contractual requirements.
  • Sets overall priorities and provides oversight for all information security and IT compliance projects, including post-implementation reviews with an assessment of whether expected benefits and returns on investment are realized.

Membership:

Membership on the ISCC shall be determined by the IMC. The chairperson of the ISICC shall be determined by its membership. The IMC shall periodically review the ISICC's membership and make adjustments as necessary.

Initial Membership List:

  • Richard Gadsden, Information Security Office
  • Reece Smith, University Compliance Office, MUHA Compliance Office
  • Acker, Julie, UMA Compliance Department
  • David Moses, Internal Audit (consultative)
  • Kurt Nendorf, OCIO Director of Infrastructure Systems
  • Joseph Good, University Counsel
  • Annette Drachman, MUHA Counsel
  • Representative, FAIC
  • Representative, PIC
  • Representative, CIIC

 

 

created 10/17/08

OCIO  ·  171 Ashley Avenue  ·  Charleston SC 29425  ·   Support Desk: (843) 792-9700

MUSC