ITS Policy and Standards

ITS Policy and Standards

Published

Responsible Use of University Computers and Information Systems

In today’s dynamic cybersecurity landscape, a wide range of organizations—including universities, financial institutions, social media platforms, and other online services—are adopting strategic measures to reduce risk and safeguard user data.

These measures are typically formalized through comprehensive policies that govern the organization’s information systems, data management, and operational processes. At the University, the implementation of such policies strengthens and sustains our cybersecurity posture by addressing the following key areas:

Personal and Academic Data Protection

Students, faculty, staff, and institutional partners rely on the University to maintain a strong cybersecurity program that effectively safeguards personal and academic information. To remain eligible for federal funding—including financial aid programs—the University must demonstrate adherence to NIST cybersecurity frameworks, which includes maintaining a comprehensive library of cybersecurity policies.

ITS Policy Refresh (IT Policy and Standards)

The Policy for Responsible Use of University Computers and Information Systems, went into effect in July 2025. 

This represents a vision for the University's future cybersecurity posture. At present, not all the necessary organizational and technical systems are in place to fully meet the requirements outlined in the new or updated policies. Information Technology Services (ITS) has identified the need for a strategic plan and implementation timeline to establish these systems, ensuring that all areas of ¶¶ÒõÊÓƵ can achieve compliance with the new standards.

Milestones

  • July 1st, 2025 - Responsible Use of University Computers and Information Systems goes into effect
  • August 1st, 2025 - ITS-17: Digital Course Retention Standard goes into effect

 

Key Stakeholders

These policies and standards applies to all ¶¶ÒõÊÓƵ technology assets. All users (employees, contractors, vendors, or others) of information systems are responsible for adhering to these policies and standards.

 

ITS Policy:

Responsible Use of University Computers and Information Systems

Information Security Policy

Digital Accessibility Policy

Technology Event Policy

ITS Standards:

ITS-04: Awareness and Training Standard

ITS-05: Asset Management Standard

ITS-06: Audit and Accountability Standard

ITS-07: Access, Identification, and Authentication Standard

ITS-08: Physical Protection Standard

ITS-09: System and Informational Integrity Standard

ITS-10: Risk Management Standard

ITS-11: Security of Personally Owned Devices Standard

ITs-12: Removable Media and Media Protection Standard

ITS-13: Configuration Management Standard

ITS-14: Incident Response Standard

ITS-15: System Maintenance Standard

ITS-16: Digital Signage Standard

 

Recent news

More CSIT news