Press Enter to skip to the main content
Catalog Degrees Visit Apply
Give Blinn A-Z Calendars myBLINN
Blinn College For Mobile Devices
  • About
    • About
    • Administration
    • Accreditation
    • Affordability
    • Blinn A-Z
    • Board of Trustees
    • Campuses
    • Campus Maps
    • Catalog
    • Chancellor
    • Contact Blinn
    • Directory
    • Economic Impact
    • Employment Opportunities
    • Institutional Research and Effectiveness
    • Newsroom
  • Student Services
    • Student Services
    • Academic Advising
    • Activities Calendar
    • Business Office/Payment
    • Campus Safety
    • Career Services
    • Counseling Services
    • Disability Services
    • Financial Aid
    • Graduation Information
    • Housing and Residence Life (Brenham Campus)
    • Health Clinics
    • Meal Plans
    • Pregnancy and Parenting Services
    • Police and Emergency Management
    • Scholarships
    • Student Leadership/Activities
    • Title IX
    • Transcripts
    • Veteran Services
  • Future Students
    • Future Students
    • Academic Advising
    • Admissions
    • Application Steps
    • Contact a Recruiter
    • Course Registration
    • Housing and Residence Life
    • Immunization Information
    • Important Dates and Deadlines
    • International Students
    • New Student Registration
    • Placement Testing
    • Preview Day
    • Residency
    • Visit
  • Blinn College For Desktop Devices
  • Programs
    • Programs
    • Academic Affairs
    • Academic Calendar
    • Applied Technology and Workforce
    • Blinn Online
    • Catalog
    • Course Schedule
    • Dual Credit
    • Programs A-Z
    • Transfer Information
    • Instructional Leadership
  • Academic Resources
    • Academic Resources
    • Bookstore
    • Ecampus
    • Learning Center
    • Library
    • myBLINN
    • Testing Services
    • Tutoring Services
    • Writing Center
  • Community
    • Community
    • Alumni and Friends Association
    • Alumni Lettermen Association
    • Athletics
    • Blinn College Foundation
    • Box Office
    • Performing Arts Series
    • Rent Event Spaces
    • Small Business Development Center
    • Star of the Republic Museum
    • Visual and Performing Arts
  • Administrative Regulations Home
  • Recording of Class Lectures by Students
  • Quiet Hours and No Loitering
  • Purchasing
  • Procurement Card (P-Card)
  • Printing Guidelines
  • Payment of Medical Care Costs for Student Athletes
  • Parking and Traffic Regulations
  • Outside Employment
  • Excused Absences for Students Called To Active Military Service
  • Blinn Announcement (Mass Email) Guidelines
  • Building Access Key and Card Regulation
  • Institutional Scholarships/Pell Grant Award Coordination
  • Information Resources Acceptable Use, Security and Copyright Infringement
  • Incivility Protocol
  • Hiring Manager’s Guide For Faculty and Staff
  • Graduation
  • General Educational Development Test Administration
  • Flexible Work Schedules
  • Financial Support for Student Organizations
  • Final Course Grade Appeal
  • Faculty Workload, Teaching Load, and Office Hours
  • Faculty Professional Development
  • Unearned Tuition Assistance Funds
  • Facility Naming Rights
  • Externally Funded Grants and Contracts
  • Expulsion of Students from Class
  • Expressive Activities on Campus by Students and Employees
  • Employee Progressive Discipline
  • Employee Performance Evaluations
  • Assistance Animals - Emotional Support Animals
  • Cell Phone Allowances
  • Emergency Response Plan
  • Employee Book Voucher
  • Emergency Procedures Manual
  • Athletic Department Drug Testing
  • Drug and Alcohol Prevention Program (DAAPP)
  • Disposal of Property
  • Display Screen Guidelines
  • Discretionary Time
  • Direct Deposit, Payroll
  • Capital Asset Guidelines
  • Campus Security Authorities
  • Campus Carry
  • Information Systems and Services
  • Information Systems and Information Integrity
  • Information Systems and Communications Protection
  • Information Systems Supply Chain Risk Management
  • Information Systems Security Planning
  • Administrative Organization Plan - Councils and Committees
  • Information Systems Security Assessment and Authorization
  • Information Systems Risk Assessment
  • Prohibited Technologies and Covered Applications
  • Information Systems Media Protection
  • Information Systems Maintenance
  • Information Systems Security Program
  • Information Resources Acceptable Use, Security and Copyright Infringement
  • Information Systems Incident Response
  • Information Systems Identification and Authentication
  • Information Access Control
  • Photo Identification (ID) Card
  • Faculty Credentialing Procedures
  • Blinn Alert Notification
  • Student Code of Conduct
  • Approved Vendors for Apparel and Promotional Items
  • Alternate Work Location
  • Admission Requirements and Registration Eligibility
  • Web Accessibility
  • Board Policy/Administrative Regulations Development and Approval
  • Quarantine Leave for Certain Law Enforcement and EMS Personnel
  • Outdoor Intramural Spaces Guidelines
  • Name, Image, and Likeness
  • Indoor Tabling Guidelines
  • Hazing Prevention
  • Credit by Examination, Prior Learning Assessment, Awarding Credit
  • Additional Education During Term of Employment
  • Post Accident Drug and Alcohol Testing
  • Personal Leave
  • Prohibition Against Inducements, Commission and High-Pressure Recruitment Tactics for Service Members
  • Continuity of Operations Plans
  • Employee Complaints
  • Community Users of the Blinn College Library
  • College District Closures
  • College District Brand Guidelines
  • College Catalog Policy
  • Information Systems Physical and Environmental Protection
  • Information Systems Personnel Security
  • Information Systems Contingency Planning
  • Information Systems Configuration Management
  • Information Systems Awareness and Training
  • Information Systems Audit and Accountability
  • Awarding Incomplete Grades
  • Athletic Awards Criteria
  • Assessment of Instructional Programs and Courses
  • Board Policy CS - Information Systems
Administrative Regulations Home Recording of Class Lectures by Students Quiet Hours and No Loitering Purchasing Procurement Card (P-Card) Printing Guidelines Payment of Medical Care Costs for Student Athletes Parking and Traffic Regulations Outside Employment Excused Absences for Students Called To Active Military Service Blinn Announcement (Mass Email) Guidelines Building Access Key and Card Regulation Institutional Scholarships/Pell Grant Award Coordination Information Resources Acceptable Use, Security and Copyright Infringement Incivility Protocol Hiring Manager’s Guide For Faculty and Staff Graduation General Educational Development Test Administration Flexible Work Schedules Financial Support for Student Organizations Final Course Grade Appeal Faculty Workload, Teaching Load, and Office Hours Faculty Professional Development Unearned Tuition Assistance Funds Facility Naming Rights Externally Funded Grants and Contracts Expulsion of Students from Class Expressive Activities on Campus by Students and Employees Employee Progressive Discipline Employee Performance Evaluations Assistance Animals - Emotional Support Animals Cell Phone Allowances Emergency Response Plan Employee Book Voucher Emergency Procedures Manual Athletic Department Drug Testing Drug and Alcohol Prevention Program (DAAPP) Disposal of Property Display Screen Guidelines Discretionary Time Direct Deposit, Payroll Capital Asset Guidelines Campus Security Authorities Campus Carry Information Systems and Services Information Systems and Information Integrity Information Systems and Communications Protection Information Systems Supply Chain Risk Management Information Systems Security Planning Administrative Organization Plan - Councils and Committees Information Systems Security Assessment and Authorization Information Systems Risk Assessment Prohibited Technologies and Covered Applications Information Systems Media Protection Information Systems Maintenance Information Systems Security Program Information Resources Acceptable Use, Security and Copyright Infringement Information Systems Incident Response Information Systems Identification and Authentication Information Access Control Photo Identification (ID) Card Faculty Credentialing Procedures Blinn Alert Notification Student Code of Conduct Approved Vendors for Apparel and Promotional Items Alternate Work Location Admission Requirements and Registration Eligibility Web Accessibility Board Policy/Administrative Regulations Development and Approval Quarantine Leave for Certain Law Enforcement and EMS Personnel Outdoor Intramural Spaces Guidelines Name, Image, and Likeness Indoor Tabling Guidelines Hazing Prevention Credit by Examination, Prior Learning Assessment, Awarding Credit Additional Education During Term of Employment Post Accident Drug and Alcohol Testing Personal Leave Prohibition Against Inducements, Commission and High-Pressure Recruitment Tactics for Service Members Continuity of Operations Plans Employee Complaints Community Users of the Blinn College Library College District Closures College District Brand Guidelines College Catalog Policy Information Systems Physical and Environmental Protection Information Systems Personnel Security Information Systems Contingency Planning Information Systems Configuration Management Information Systems Awareness and Training Information Systems Audit and Accountability Awarding Incomplete Grades Athletic Awards Criteria Assessment of Instructional Programs and Courses Board Policy CS - Information Systems

Information Systems Security Assessment and Authorization

BLINN COLLEGE ADMINISTRATIVE REGULATIONS MANUAL

SUBJECT: Information Systems Security Assessment and Authorization

EFFECTIVE DATE: March 1, 2020; amended September 19, 2023

BOARD POLICY REFERENCE: CS

PURPOSE

Establish procedures and policies to establish a security assessment procedure.

PROCESS

Security Assessment and Authorization Policy and Procedures (CA-01)

The CISO in coordination with information system owners:

  1. Develops, documents, and disseminates to information system owners:
    1. A security assessment and authorization policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and
    2. Procedures to facilitate the implementation of the security assessment and authorization policy and associated security assessment and authorization controls; and
  2. Reviews and updates the current:
    1. Security assessment and authorization policy as necessary; and
    2. Security assessment and authorization procedures as necessary.

Security Assessment Policy

Security Assessments (CA-02)

A review of the College District’s information security program for compliance with these standards will be performed at least biennially, based on business risk management decisions, by individual(s) independent of the information security program and designated by the College District’s head or his or her designated representative(s).

The CISO must develop a security assessment plan. The security assessment will review the security controls and operation determining the extent to which the controls are implemented correctly and operate as intended. The assessment must be performed by individual(s) independent of the CISO. The results of the security assessment must be reported to the Chancellor/CEO

Information Exchange (CA-03)

The College District authorizes all connections from internal/organization information system to other information systems outside of organization through the use of system connection agreements and monitors/controls the system connections on an ongoing basis.

Information resource owner must authorize all dedicated sustained connections from an information resource to external information resources through the use of interconnection security agreements. Document each interconnection interface, security requirements and information communicated. Agreements must be reviewed by CISO and updated as necessary. These connections will be included in the annual risk assessments.

Plan of Action and Milestones (CA-05)

The College District develops and updates, a plan of action and milestones for the information system that documents the organization’s planned, implemented, and evaluated remedial actions to correct deficiencies noted during the assessment of the security controls and to reduce or eliminate known vulnerabilities in the system.

Information resource owners in coordination with CISO must develop a plan of action including milestones to remediate deficiencies noted during security assessments and reduce or eliminate known vulnerabilities in the system in particular applying security patches and software updates.

Security Authorization (CA-06)

The College District authorizes the information system for processing before operations or when there is a significant change to the system. A senior organizational official, or their delegate, approves the authorization.

An Information resource owner is assigned to each information system. The information system owner must authorize the information resource for processing before commencing operations and ensures the security authorization is updated.

Continuous Monitoring (CA-07)

The College District monitors the security controls in the information system on an ongoing basis.

The CISO in coordination with information resource owners must develop a continuous monitoring strategy and implement continuous monitoring including metrics to be monitored along with monitoring methodology and response actions to the correlation of related security monitoring events.

Reporting the security and privacy status of the information systems to the Executive Vice Chancellor on an annual basis.

Penetration Testing (CA-08)

The College District conducts penetration testing at least biannually on external facing information systems.

The CISO coordinates with information system owners in the conduct of penetration testing to confirm vulnerabilities are corrected and access controls are in-place. The results of penetration testing are part of the security assessment.

Texas Government Code § 2054.516(a)(2) requires each state agency implementing an Internet website or mobile application that processes any sensitive personal or personally identifiable information or confidential information to subject the website or application to a vulnerability and penetration test and address any vulnerability identified in the test.

Agencies shall perform, or have performed, an external network penetration test every two years at minimum.

Internal System Connections (CA-09)

The College District has a procedure for authorizing internal information resource connections.

Information resource owner must authorize all dedicated sustained connections from an information resource to internal information resources. Document each interconnection interface, security requirements and information communicated. Connections must be reviewed by CISO and updated annually. These connections will be included in the annual risk assessments.

PROGRAMS
VISIT
APPLY

The Blinn College District is accredited by the Southern Association of Colleges and Schools Commission on Colleges (SACSCOC) to award associate degrees. The Blinn College District also may offer credentials such as certificates and diplomas at approved degree levels. Questions about the accreditation of the Blinn College District may be directed in writing to the Southern Association of Colleges and Schools Commission on Colleges at 1866 Southern Lane, Decatur, GA 30033-4097, by calling (404) 679-4500, or by using information available on SACSCOC's website (www.sacscoc.org).

The Blinn College District does not discriminate on the basis of race, color, national origin, sex, or disability. For information regarding Title IX, ADA, Section 504, and other anti-discrimination coordinators, see the Student Title IX page.

quick links
  • A to Z Index
  • About Blinn College
  • Academic Calendar
  • Blinn Bookstores
  • Campus Maps
  • Choose your Campus
  • Contact Us
  • Directory
  • Employment Opportunities
  • Giving to Blinn
  • Library
  • myBLINN login
  • Social Media
resources
  • Access Syllabi & CVs
  • Curriculum Committee
  • Expressive Activity on Campus
  • Financial Transparency
  • House Bill 2504
  • Mental Health Counseling
  • Online Institutional Resumes
  • Open Records
  • Required Notices
  • State Auditor's Office Fraud, Waste, or Abuse Hotline
  • Student Complaint Forms
  • Student Consumer Information
  • Student Rights and Responsibilities
  • Student Title IX
  • Web Accessibility Statement
safety & security
  • Annual Security Report
  • Blinn Alert
  • Emergency Management
  • Police
  • Privacy Notice
  • Safety & Risk Management

departments
  • Accounting Department
  • Facilities, Planning, and Construction
  • Human Resources
  • Communications, Media Relations, and Marketing
  • Purchasing Department
Administration
  • Administration
  • Board of Trustees
  • Academic Committees
  • Administrative Regulations
  • Advisory Committees
  • Institutional Review Board
  • Legislative Matters
  • Office of Institutional Research and Effectiveness
  • Office of the Chancellor
  • Office of the Executive Vice Chancellor and General Counsel
  • Quality Enhancement Plan
  • Strategic Plan

©2026 Blinn College District | 902 College Avenue | Brenham, TX 77833 | 979-830-4000

Broken Aria Reference