Internal Auditor Policy Term Definition ensures that UTMB information resources are being adequately secured, based on risk management, as directed by the CAO or the IRM acting on delegated authority for risk management decisions. Back to Definitions