IT Policy, Standards & Guidelines

IT Policies 

Title

Description

IT Governance PolicyEstablishes IT governance groups, gives the CIO the authority & responsibility to oversee the IT Governance program, and aligns with UNC IT Governance Policy. ITS Governance One Pager
Acceptable Use Policy Outlines the acceptable uses and specific prohibitions inherent to the access and use of Information Technology and Information Resources owned or provided by Appalachian State University

 Note: a complete list of IT policies can be found in the University Policy Manual

IT Standards

Title

Description

Ratified

IT Standard on IT Standards and PoliciesDefines the process for developing, reviewing, approving and maintaining IT standards and policies.  Serves as a template for new standards.3/2019
Structured Cabling StandardProvides a standard specification for all University facilities requiring cabling installation6/2019
Encryption StandardDefines the requirements necessary for securely managing encryption technologies in order to provide acceptable levels of protection for institutional data and systems.4/2019
IT Acquisition StandardExplains the steps to acquire information technology, including IT provided freely by an external group.4/2019
Data Management Standard (PDF)Outlines the responsibilities and requirements needed to consistently protect the value and security of University data.5/2016
Enterprise Password Standard (PDF)Defines the requirements associated with the management of passwords utilized for managing, accessing, and supporting University enterprise information systems. 5/2016
Information Security Risk Management Standard (PDF) Define the specific minimum technical security practices needed to protect different types of University information resources based on the degree of risk that may be realized should these resources be compromised, stolen, degraded, or destroyed.6/2016
Secure Data Handling Standard (PDF) Provides guidance on which campus technologies can be used to securely transmit or store different types of University data.8/2017

 

Guidelines

Title

Description

Secure File Storage and SharingProvides guidance of which campus technologies can be used to securely transmit or store different types of University data.
Mobile Device SecurityProvide guidance and best practices to secure mobile devices to help safeguard both personal and University data.