Access- to approach, view, instruct, communicate with, store data in, retrieve data from, or otherwise make use of information resources.
Access Control- the enforcement of specified authorization rules based on positive identification of users and the systems or data they are permitted to access.
Availability- ability to be present or make ready for immediate use
Breach or Incident- an event which results in unauthorized access, loss, disclosure, modification, or destruction of information resources whether accidental or deliberate
Computer- an electronic, magnetic, optical, electromechanical, or other high-speed data processing device that performs logical, arithmetic, or memory functions by the manipulations of electronic or magnetic impulses and includes all input, output, processing, storage, or communication facilities that are connected or related to the device.
Computer Security- those measures, procedures, or controls which provide an acceptable degree of safety of information resources from accidental or intentional disclosure.
Confidential Information- information that is excepted from disclosure requirements under the provisions of the Texas Public Information Act or other applicable state or federal law.
Contingency- intended for use in circumstances not completely foreseen.
Control- a protective action, device, policy, procedure, technique, or other measure that reduces exposure.
Critical Information- information that is defined by the agency to be essential to the agency's function(s).
Custodian of an Information Resource- a person responsible for implementing owner-defined controls and access to an information resource.
Data- a representation of facts or concepts in an organized manner in order that it may be stored, communicated, interpreted, or processed by automated means. Data includes all files, regardless of size or storage media, including e-mail messages, system logs, and software (commercial or locally developed).
Data Security- those measures, procedures, or controls which provide an acceptable degree of safety of information resources from accidental or intentional disclosure.
Department Head - An employee of the university with budgetary authority over users of an information resource.
Disaster- a condition in which an information resource is unavailable, as a result of a natural or man-made occurrence, that is of sufficient duration to cause significant disruption in the accomplishment of agency program objectives, as determined by agency management.
Disclosure- unauthorized access to confidential or sensitive information.
Hacker- a person who illegally gains access to and sometimes tampers with information in a computer system
Harm- includes partial or total alteration, damage, or erasure of stored data, interruption of computer services, introduction of a computer virus, or any other loss, disadvantage, or injury that might reasonably be suffered as a result of the actor's conduct.
Incident or Breach- an event which results in unauthorized access, loss, disclosure, modification, or destruction of information resources whether accidental or deliberate
Information- that which is extracted from a compilation of data in response to a specific need.
Information Resource- the procedures, equipment, facilities, software and data which are designed, built, operated and maintained to collect, record, process, store, retrieve, display and transmit information.
Integrity- the state that exists when computerized information is predictably related to its source and has been subjected to only those processes which have been authorized by the appropriate personnel.
Owner of an Information Resource- a person responsible for a business function and for implementing controls and access to information resources supporting that business function.
Password- a protected word or string of characters which serves as authentication of a person's identity (personal password), or which may be used to grant or deny access to private or shared data (access password).
Risk- the likelihood or probability that a loss of information resources or breach of security will occur.
Security Controls- hardware, programs, procedures, policies, and physical safeguards which are put in place to assure the integrity and protection of information and the means of protecting it.
Sensitive Information- information maintained by state agencies that requires special precautions to protect it from unauthorized modification or deletion. Sensitive information may be either public or confidential. It is information that requires higher than normal assurance of accuracy and completeness. The controlling factor for sensitive information is that of integrity.
User of an Information Resource- an individual or automated application authorized to access an information resource in accordance with the owner-defined controls and access rules.
Virus- an unwanted computer program or other set of instructions inserted into a computer's memory, operating system, or program that is specifically constructed with the ability to replicate itself or to affect the other programs or files in the computer by attaching a copy of the unwanted program or other set of instructions to one or more computer programs or files.
Worm- A program or algorithm that replicates itself over a computer network and usually performs malicious actions, such as using up the computer's resources and possibly shutting the system down