Information Security Policy and Standards Management Program
Information Security Policy and Standards Management Program
The Information Security Policy Management Program is the foundation of IT Governance for the university through the creation and management of policies and standards. The IS Compliance and Training Team uses a project management methodology approach to coordinate the process for identifying, updating and publishing IT policies and standards.
The Information Security Standards Management Program establishes a consistent process in support of the requirement to define technical configuration parameters and associated value standards so that management can secure university assets and comply with university policy and regulatory requirements. Standards are formal documentation that establish uniform engineering or technical criteria, methods, processes, and practices.
The IS Compliance and Training Team is responsible for leading the work group that will draft and revise documents and present them to reviewers and approvers; and for maintaining a repository of standards. The team also offers templates and offers guidance to areas creating procedures or guidelines for their own business units’ needs.
Contact the Information Security office with any questions.