Security Plan for Restricted-use Data
The Senior Official (SO) has overall responsibility for the legal terms of the License and the final security of the subject data.
The Principal Project Officer (PPO) is the officer in charge of the day-to-day operations involving the use of subject data. The PPO has full responsibility for the security of the subject data, shall oversee the preparation and implementation of the IES restricted-use data security plan, and shall monitor and update the security requirements needed.
The SO or PPO shall assign a System Security Officer (SSO) in writing. The SSO (who may also be the PPO) shall be responsible for maintaining the day-to-day security of the Licensed data. The SSO's assigned duties shall include the implementation, maintenance, and periodic update of the Security Plan to protect the data in strict compliance with statutory and regulatory requirements.
Complete the Security Plan
You may enter all of the required information into a .pdf version of the Security Plan and print it out. The signature page must be signed and the completed Security Plan sent to the IES Data Security Office for processing & approval. Do not print the Security Plan double-sided.