The cybersecurity and data protection oversight function shall be designed to directly report to the college's executive leadership, ensuring clear communication and accountability for cybersecurity matters.

The college shall ensure that managers within each department regularly review the processes and documented procedures within their area of responsibility to comply with relevant cybersecurity and data protection policies, standards, and other applicable requirements, as outlined in NIST 800-53r5 controls.

Furthermore, the college shall ensure that all cryptographic protections controls implemented adhere to known public standards such as NIST Special Publication 800-53 and utilize trusted cryptographic technologies to safeguard sensitive information from unauthorized access and disclosure.