The SPC Information Security Department provides a vulnerability
scanning and reporting service to functional units throughout SPC to assist
departmental authorities and system administrators in systematically eliminating vulnerabilities and reducing risk.
IT Security Engineers
perform weekly technical vunerability scanning on departmental systems and provide reports to appropriate departmental authorities and system administrators reflecting discovered vulnerabilities and recommended corrective actions. This provides those accountable for the oversight with information related to the current
security posture of systems under their care in order that they may direct
appropriate actions in consultation with SPC InfoSec.
The Information Security
department reviews college-wide metrics and periodically relays compliance and
risk findings to an executive body. The integration of these processes produces
effective oversight and protection of SPC systems and data.