Each Information Security policy includes specific responsibilities of the ISA and ISM in regards to that policy.
Information Security Managers
Information Security Managers typically are in a technical leadership position within the unit and are responsible for the implementation and oversight of technical controls and documentation related to information security of information systems managed or controlled by units they represent.
Information Security Administrators
Information Security Administrators typically are in an administrative leadership position within the unit and are responsible for ensuring the ISM and IT staff have appropriate support and resources to properly secure data and information systems, and implement university information security policies. The scope of responsibility of the Information Security Administrator is over information systems that the unit manages as well as third-party services the unit procures.