Information Security Standards
Standards define the process or rules to be used to support the University's practices and guidelines. Frameworks are blueprints for implementing the standards adopted by the University.
The University has adopted the National Institute of Standards and Technology Cybersecurity Framework, created through collaboration between industry and government. The Framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure. The prioritized, flexible, repeatable, and cost-effective approach of the Framework helps the University to manage its cybersecurity-related risk.
It is the responsibility of each Information Services department to develop and document operational practices (process and procedure) in order to implement the goals of the University's adopted security standards.