Security Committee


This committee will foster a consistent focus on security within the UT IT community, with baselines and quantifiable metrics that align with campus security policy.  It will facilitate and focus a consistent approach to IT security management in the CSUs while safeguarding the core missions of the University of Texas at Austin.

Straightforward and actionable best-practice frameworks will be a cornerstone of these efforts, with phased objectives building on each other to improve UT's response to security challenges. Timelines will be established to meet objectives, with tools, training, and other support provided to meet the standards needed to secure the data and devices of the campus.

This committee will describe roles and responsibilities of the CSUs, ISO and ITS to establish clear and complementary expectations and procedures to facilitate communication and cooperation to meet the needs of faculty, staff, and students.  Coordinated campus responses to threats using rapid, orchestrated, deployment of fortifications or remediations is the ultimate objective of this committee.


Committee responsibilities include:

  • Define and promote best security practices to ensure 100% active management of the entire IT ecosystem with well prioritized, phased, and time-bound objectives.
    • Develop actionable plans to meet policy requirements
    • Create solutions to facilitate propagation
    • Baselines will guide proactive patching and necessary remediation efforts
  • Preliminary efforts will emphasize the fortification of endpoints around five key components
    • Endpoint Management Consoles (e.g. SCCM and JAMF)
    • Device encryption
    • General Networks deployment 
    • Least privileged access
    • Telemetry agent deployment (e.g. Nessus)
  • Aggressive gap analysis with corresponding remediation will be an ongoing focus of the committee
    • Milestones will be established for compliance via various reports to help direct efforts
  • Data protection (both access controls and backup reliability)
  • Application development and software stewardship will be addressed as needed
  • Endpoint security standards will be communicated and deployed
  • Collaborative efforts will be essential to success
    • Frameworks for verification reporting and accountability will be established
    • Roadmaps will be developed and shared consistently
    • After action reports will be created and shared for process improvement and accountability
    • Security initiatives within CSUs and across the campus will be promoted 
  • Close coordination and partnerships will be kept with key related groups (governance, new technical groups, etc) to ensure that efforts are effective and synergistic
    • The Endpoint Management and Networking committees in ITLC will be key partners 
    • The committee will partner with the CISO to enhance compliance toolsets, protocols, and reporting


Mark McFarlandExecutive DirectorCNS
Bob GloydIT


Ryan BaldwinDirector of IT and
Cam BeasleyCISOUT
Chris CarterDir Org EffectivenessUT
James CoombesDirectorComp Svcs -
Stephanie DussaultAssociate Director of Technology
Michael HarveyAssistant Dean for
Trice HumpertAsst VP for ITSCIO/ITS COO
Emily HurtDeputy Chief Information Security
Rich JanesDirector of Technology
Sandy JansenChief Audit ExecutiveInternal
Carol LeeDirector of Strategic InitiativesCIO/ITS COO
James LewisDirector, Computer
John LovelaceDirector of Networking and Telecommunications and Office of Telecommunication ServicesITS
Melissa Medina-RazzaqueAssistant Director of OperationsNatural
David RobertsSenior Enterprise Engineer -
Nathaniel SelmanSenior Systems
Jason WangSenior Information Technology ManagerITS
Chris YallaleeSystems Administrator

Meeting Schedule

The Security Committee meets monthly, but given the dynamic nature of information security, the chair may seek out feedback from the group more frequently via electronic communications or impromptu meetings. 


Documents and Minutes