Page History

...

Document needed changes
Make changes to a draft version of the policy
Are the changes significant or alter the intent of the original policy?
1. If Yes, ensure the changes are vetted by impacted subject matter experts and business owners, information security, legal counsel, human resources if applicable, any other applicable steering committee
Publish, communicate, train, and implement

Top of page

Info

Information Security Policies

In an effort to assist in developing important security policy, below you will find institutional policies identified as examples of good policies for the topics corresponding to the chapters of the Information Security Guide.

...

Panel

bgColor	#ADD8E6

EDUCAUSE Resources

Sample Information Security Policies, an EDUCAUSE library collection of sample policies from colleges and universities, including policies on privacy, passwords, data classification, security, e-mail, and many more.
EDUCAUSE/Cornell Institute for Computer Policy and Law
EDUCAUSE Policy Initiatives
FERPA Resources and Compliance, a Blog
Gramm-Leach-Bliley Act (GLBGLBA) Act
Higher Education Compliance Alliance Matrix
HIPAA
ID Theft Red Flags
PCI DSS
Policy and Law
Policy and Law: Campus
Policy and Law: Federal
Policy and Law: State
A Framework for IT Policy Development, an EDUCAUSE Review article

Initiatives, Collaborations, & Other Resources

Higher Education Compliance Alliance
SANS Information Security Policy Templates (Note: These templates may need customization for the higher education environment.)
Toolkit to Support Federal Agencies Implementing Bring Your Own Device (BYOD) Programs (includes several sample policies)
Making the Case for IT Policy: An event kit for campuses seeking to host a workshop where they can develop IT policy through facilitated discussion and collaboration.

...

Page tree

Versions Compared

Old Version 57

New Version 58

Key