ITS Security Policy 002 – Scope

Status: Final Draft
Last Revision Date: March 27, 2025

Statement of Purpose

This policy defines the overarching scope of Clackamas Community College (CCC) cybersecurity policies and provides guidance on the interpretation of key terms used across all ITS Security Policies. It ensures consistent application and understanding of cybersecurity expectations for all stakeholders within CCC’s technology environment.

Scope

Unless otherwise specified, the cybersecurity policies of Clackamas Community College apply to all users, systems, and data under the institution’s ownership, custodianship, or control. This includes, but is not limited to, faculty, staff, students, contractors, partners, and third-party service providers who interact with CCC’s electronic information resources.

This scope applies to all policy documents within the ITS Security Policy framework unless an individual policy defines a more specific or extended scope.

Definitions Reference

To maintain consistency and reduce duplication, all relevant terminology and category definitions formerly located in this policy (e.g., Users, Systems, Data, Staff, Student, Public, etc.) have been consolidated and relocated to:

ITS Security Policy 005 – Security Policy Definitions

All stakeholders are encouraged to consult Policy 005 for the official definitions governing terminology used throughout CCC’s cybersecurity policies.