Introduction
Information security is a holistic discipline, meaning that its application, or lack thereof, affects all facets of an organization or enterprise. The goal of the J-Tricks Information Security Program is to protect the Confidentiality, Integrity, and Availability of the data employed within the organization while providing value to the way we conduct business. Protection of the Confidentiality, Integrity, and Availability are basic principles of information security, and can be defined as:
The J-Tricks Information Security Program is built around the information contained within this policy and its supporting policies.
Purpose
The purpose of the J-Tricks Information Security Policy is to describe the actions and behaviors required to ensure that due care is taken to avoid inappropriate risks to J-Tricks, its business partners, and its stakeholders.
Audience
The J-Tricks Information Security Policy applies equally to any individual, entity, or process that interacts with any (District/Organization) Information Resource.
Policy
J-Tricks maintains and communicates an Information Security Program consisting of topic-specific policies, standards, procedures and guidelines that:
*The information security program is reviewed no less than annually or upon significant changes to the information security environment.
Waivers
Waivers from certain policy provisions may be sought following the J-Tricks Waiver Process.
Information security is a holistic discipline, meaning that its application, or lack thereof, affects all facets of an organization or enterprise. The goal of the J-Tricks Information Security Program is to protect the Confidentiality, Integrity, and Availability of the data employed within the organization while providing value to the way we conduct business. Protection of the Confidentiality, Integrity, and Availability are basic principles of information security, and can be defined as:
- Confidentiality – Ensuring that information is accessible only to those entities that are authorized to have access, many times enforced by the classic “need-to-know” principle.
- Integrity – Protecting the accuracy and completeness of information and the methods that are used to process and manage it.
- Availability – Ensuring that information assets (information, systems, facilities, networks, and computers) are accessible and usable when needed by an authorized entity.
The J-Tricks Information Security Program is built around the information contained within this policy and its supporting policies.
Purpose
The purpose of the J-Tricks Information Security Policy is to describe the actions and behaviors required to ensure that due care is taken to avoid inappropriate risks to J-Tricks, its business partners, and its stakeholders.
Audience
The J-Tricks Information Security Policy applies equally to any individual, entity, or process that interacts with any (District/Organization) Information Resource.
Policy
J-Tricks maintains and communicates an Information Security Program consisting of topic-specific policies, standards, procedures and guidelines that:
- Serve to protect the Confidentiality, Integrity, and Availability of the Information Resources maintained within the organization using administrative, physical and technical controls.
- Provide value to the way we conduct business and support institutional objectives.
- Comply with all regulatory and legal requirements, including:
- HIPAA Security Rule,
- State breach notification laws,
- PCI Data Security Standard,
- Information Security best practices, including ISO 27002 and NIST CSF,
- Contractual agreements,
- All other applicable federal and state laws or regulations.
- HIPAA Security Rule,
*The information security program is reviewed no less than annually or upon significant changes to the information security environment.
Waivers
Waivers from certain policy provisions may be sought following the J-Tricks Waiver Process.