I. STANDARD STATEMENT

Application security is a critical consideration in the development or procurement of
software. The factors which affect the safety of an application are numerous, including
the code itself, the hardware and network on which it is installed, authentication and
authorization of those who should have access and regular monitoring of traffic to and
from the application.

II. RATIONALE

This standard supports HOP Policy 8-12 Information Resources Use and Security Policy

III. SCOPE

This standard applies to all UTSA faculty, staff, and students.

IV. CONTACTS

informationsecurity@utsa.edu

V. PROCEDURES

  1. Each UTSA business unit that acquires or hosts an application connected to the
    UTSA network is responsible for registering the application with University
    Technology Solutions (UTS) and with meeting all security requirements identified as
    appropriate to the Data Classification levels.
  2.  UTS will maintain a registry to track the purpose of the application, responsible
    parties, data classification, and relevant technical information.
  3. UTS is responsible for the enforcement of this policy. Audits and monitoring will be
    employed to detect the use of insecure systems. UTS will provide technical
    information and advice to assist departments in meeting these requirements.
  4. For assistance pertaining to application access, application access reviews,
    or consultation pertaining to application account management, please contact the
    Office of Information Security at informationsecurity@utsa.edu.

OIS 4 – Standard for Application Registration
Effective Date: January 1, 2014
Last Reviewed: September 17, 2020