Main Content Region

December 2019 IT Governance Executive Meeting

January 09, 2020
IT Governance

IT Governance Executive Committee Meeting Digest

CIA Request MPP View Demonstration

  • Michelle Behne provided an overview of the workflow API. She emphasized that it was a lot more user-friendly.
  • The Executive Committee provided positive feedback.

IT Governance Executive Committee Membership and Composition

  • VP Sudhakar presented an overview and history of the IT Governance Executive Committee (ITGEC) at CSUSB.
    • Purpose
    • The IT governance structure establishes the strategic, operational, and technical decision-making process required to ensure IT enables the University to excel in its mission. 
    • IT governance provides strategic leadership, establishes campus-wide IT priorities and policies, and is accountable and transparent to the University community.
  • ITGEC
    • The IT governance executive committee is responsible for the following:
    • Establishing and communicating a campus-wide IT vision that supports the University mission and goals
    • Establishing IT policies that support strategic, campus-wide IT priorities
    • Defining technical architecture and standards for the University
    • Establishing best practices and tools for IT across campus
    • The IT Governance Executive Committee will form sub committees to set agendas that cover the topics of interest as depicted below and form task forces as needed to address particular areas
  • Membership
    • Appointed by the President at the recommendation of the ITGEC
      • Committee Membership
      • Co-Chairs: Provost & Vice President for Academic Affairs, and Vice President for Information Technology Services & CIO
      • Members:  17
        • Dean, College of Extended Learning and Global Education – 1
        • Dean, Library – 1
        • Deans, Academic Colleges -5
        • Faculty Senate – 2 (Appointed by the Faculty Senate)
        • Faculty Teaching Resource Center – 1
        • Staff (IT + Academic) – 2
        • Staff Council – 1 (Appointed by Staff Council)
        • Students– 1 (Appointed by ASI)
        • Vice Presidents – 3

Phishing Exercise Results

  • Gerard Au presented the results of the July 31 Phishing Exercise to the Executive Committee. He also briefly touched on risks and recommendations to improve information security.
    • By the numbers
      • 7/31/2019 at 8:00 AM PST
      • 2124 faculty, MPP and staff
      • 136 reports to abuse@csusb.edu
      • First click: 7/31/2019 8:02 AM using iPhone browser
      • 970 viewed the email (45.66%)
      • 386 opened the email only (18.17%)
      • 584 users clicked the link (27.50%)
    • Mobile vs Desktop Risk
      • Most mobile devices are not maintained by the campus
      • Unmaintained operating systems
      • Malware and spyware could exist from apps or public WiFi
    • Efforts to Improve Information Security
      • Proofpoint URL Targeted Attack Protection (July 2018)
      • Multi Factor Authentication (DUO)
      • Phase 1: Sensitive Data
        Approved Apr 2017, completed Mar 2018: 313 users total
      • Phase 2: CFS Users
        Approved Oct 2017, completed May 2018: 629 uses total
      • Phase 3: ITS Users and MPPs
        Approved Sep 2018, completed Jan 2019: 826 users total
    • Recommendation
      • Phased 4: DUO rollout for all employees
      • Faculty and Staff
      • Phase 5: DUO roll out for all students