APPROVED: January 28, 2021
EFFECTIVE: January 28, 2021
REFERENCE: Board Policy (BP) 6-10, Cyber Security Policy
/ Joe Garcia /
Joseph A. Garcia
This procedure documents Colorado Community College System and its Colleges’ (“CCCS”) requirements for the management of exceptions to CCCS Cyber Security procedures.
This procedure applies to employees, personnel affiliated via third party contracts, and volunteers that have access to Information Systems and Assets that are owned or leased by CCCS.
Exception is defined as any deviation to the existing CCCS information security procedures.
The System Chancellor delegates to the System Vice Chancellor for Information Technology (“IT”) responsibility for oversight of compliance with and implementation of this procedure. Further, the System Chancellor delegates to the College Presidents the responsibility to implement and compliance with this procedure at their respective institution.
CCCS understands that situations may arise where deviations from standard business and Information Technology processes must occur. Deviation from standard processes is discouraged; however, the deviation may be provided an exception to CCCS procedure requirements given that the alternative presents a reasonable, justifiable business case for a procedure exception, resources are sufficient to properly implement and maintain the alternative process, the process outlined in this and other related documents is followed, and other CCCS procedures and process are upheld.
CCCS reserves the right to change any provision or requirement of this procedure at any time and the change shall become effective immediately.