Protecting the Confidentiality, Integrity, and Availability of Information requires a risk-based approach that accounts for both the privacy and security aspects of data stewardship.  OIT policies, procedures, standards, and guidelines are aimed at protecting information in a manner commensurate with the risk that would result from unauthorized access, use, disclosure, disruption, modification, or destruction of such information.


04/04/201803/16/2018Policy 606: Annual Security Survey
04/23/201904/11/2019Policy 621: Data Breach Notification - DRAFT
09/17/201809/13/2018Policy 630: Identification & Authentication
03/12/201901/16/2019* Standard 630S1: Authenticator Management
09/17/201809/13/2018* Guideline 630G1: Biometric Authentication
09/17/201809/13/2018Policy 638: Mobile Device Access Control
09/17/201809/13/2018* Standard 638S1: Mobile Device Management
09/17/201809/13/2018* Standard 638S2: Mobile Device Use
05/09/201908/15/2019Policy 639: External Information Systems - DRAFT
05/09/201908/15/2019* Standard 639S1: External System Connections - DRAFT
04/04/201803/16/2018Policy 640: Security Awareness and Training
09/14/201809/13/2018* Procedure 640P1: FTI Disclosure Awareness Training
09/14/201809/13/2018* Form 640F1: FTI Confidentiality Statement
09/14/201809/13/2018Policy 660: System Use
09/14/201809/13/2018* Standard 660S1: User Rules of Behavior
08/05/2019Review Now* Standard 660S1: User Rules of Behavior - REVISED - DRAFT