IT Policy, Standards & Guidelines

IT Policies 

Title

Description

IT Governance PolicyEstablishes IT governance groups, gives the CIO the authority & responsibility to oversee the IT Governance program, and aligns with UNC IT Governance Policy. ITS Governance One Pager
Acceptable Use Policy Outlines the acceptable uses and specific prohibitions inherent to the access and use of Information Technology and Information Resources owned or provided by Appalachian State University

 Note: a complete list of IT policies can be found in the University Policy Manual

IT Standards

Title

Description

Ratified

Information Security Risk Management Standard (PDF)This standard covers all University information resources including systems, data, and services. This standard is applicable to all Appalachian State University employees, students, and affiliates.  It defines the specific minimum technical security practices needed to protect different types of University information resources based on the degree of risk that may be realized should these resources be compromised, stolen, degraded, or destroyed.3/2020
IT Standard on IT Standards and Policies (PDF)Defines the process for developing, reviewing, approving and maintaining IT standards and policies.  Serves as a template for new standards.3/2019
Identity & Access Management Standard (PDF)Defines requirements that must be met consistently and securely identify, authenticate, and authorize users of University IT services.3/2020
Structured Cabling Standard (PDF)Provides a standard specification for all University facilities requiring cabling installation6/2019
Encryption Standard (PDF)Defines the requirements necessary for securely managing encryption technologies in order to provide acceptable levels of protection for institutional data and systems.4/2019
IT Acquisition Standard (PDF)Explains the steps to acquire information technology, including IT provided freely by an external group.4/2019
Data Management Standard (PDF)Outlines the responsibilities and requirements needed to consistently protect the value and security of University data.5/2016
Enterprise Password Standard (PDF)Defines the requirements associated with the management of passwords utilized for managing, accessing, and supporting University enterprise information systems. 5/2016
Secure Data Handling Standard (PDF) Provides guidance on which campus technologies can be used to securely transmit or store different types of University data.8/2017

 

Guidelines

Title

Description

Secure File Storage and SharingProvides guidance of which campus technologies can be used to securely transmit or store different types of University data.
Mobile Device SecurityProvide guidance and best practices to secure mobile devices to help safeguard both personal and University data.