Office of Information Technology

The Information Security and Compliance Office is responsible for the development, implementation and maintenance of a comprehensive Information Security Program to safeguard personal confidential information that is maintained by the College by protecting it from unauthorized use, disclosure or compromise. The MDC Information Security Program to be provided by the ISPO shall, at a minimum, seek to address the following major components:

• Development and implementation of security policies, standards and procedures which reflect best practices in information security for higher education;
• On-going compliance with laws and regulations related to information security;
• Development and provision of security awareness training for the MDC community;
• Identification and provision of enterprise-wide security functions;
• Management of incident response, investigative support and chain of evidence;
• Verification and enforcement of security policies in daily operations; and
• Guidance and assistance to campus IT staff regarding security functions to be managed or implemented at the campuses.

Incident Management

In order to better serve the College and remain in compliance with various state and federal laws and regulations, the Information Security and Compliance Office has developed some procedures for handling an information security incident. For more information on determining if a security incident has occurred and what to do if one has, contact the Information Security and Policy Office via email at itsecurity@mdc.edu. For questions about information security, please contact the Chief Information Security Officer.