TTUHSC IT Policies
Vulnerability assessments apply to all institutional computing devices. In order to test security measures currently in place, vulnerability assessments will be conducted on a scheduled, and ad hoc, basis. Vulnerability assessments will only be conducted by the TTUHSC IT Security Department, and must be approved by the TTUHSC Information Security Officer, and the TTUHSC Chief Information Officer. When vulnerabilities are detected that constitute an unacceptable level of risk as deemed by the TTUHSC IT Security Department, the server administrator will be notified of the vulnerabilities. The server administrator is responsible for ensuring that the risk is mitigated in a timely manner.