Policies

University-wide Policies

• Information Technology Security Program
• Privacy Statement
• Collection of Personal Data from Students and Customers Administrative Policy Statement
• Retention of University Records Administrative Policy Statement
• Use of Electronic Mail Administrative Policy Statement
• ​Data Governance Administrative Policy Statement

University-wide Standards, Procedures and Guidelines

• Data Governance
• System-wide Baseline Security Standards
• System-wide High Impact Security Standards
• Standards for Security Controls in Purchasing
  • Software as a Service (SaaS) Checklist
• Standards for Data Classification and System Security Categorization 
  • Data Classification
  • Adverse Impact
• Standards for Individuals with Privileged Access 
• System-Wide Incident Response Procedure to Data Breaches
  • First Information Report
• Student Data Use Guidelines
• Employee Data Use Guidelines
• Office of Information Security Risk Assessment Process
• Risk Acceptance process
• Request to Access Electronic Communications of Others
• EU General Data Protection Regulation Compliance