Responsibilities
As a designated information security officer for your district or charter school,
your key duties include:
- Serving as the primary cybersecurity contact for USBE's Student Data Privacy Team.
- Completing annual compliance checks, including any cybersecurity components of the
Privacy Compliance Review.
- Overseeing the implementation of a cybersecurity framework in your district or charter,
as defined in Board Rule R277-487.
- Collaborating with the data manager to respond to data incidents, including breaches
that require notifying affected parties, reporting to the Utah State Board of Education,
and reporting to the Utah Cyber Center.
- Collaborating with the data manager to support privacy efforts.
First Steps for New ISOs
If you have recently been assigned as an information security officer, you may be
wondering where to begin. As you embark on this role, we recommend following these
steps to get started:
- Newsletter Subscription: Sign up for the Student Data Privacy newsletter to stay updated.
- Familiarize yourself with the cybersecurity framework your LEA has chosen to adopt.
- Optional Professional Learning:
- Attend conferences and other professional learning opportunities, such as the Student
Data Privacy Team's Spring Trainings and Fall Conferences for virtual and hands-on
learning and networking. These opportunities are advertised in our monthly newsletter
and on our Events page.
External Resources for ISOs
Support and Assistance
Please don't hesitate to reach out to us at privacy@schools.utah.gov for any assistance. For specific queries about your role as an information security
officer, you can contact:
Jeremy Zabriskie, Data Privacy and Security Specialist
