Policies and Standards

Systemwide Policies Systemwide Standards SSU Standards
  Introduction, Scope, and Goals
8015.0 - Organizing Information Security 8015.S000 Information Security Roles and Responsibilities Roles and Responsibilities Standard
8020.0 Information Security Risk Management Risk Management Standard
8025.0 Privacy of Personal Information    
8030.0 Personnel Information Security 8030.S000 Personnel Security Personnel Security Standard
8035.0 Information Security and Training 8035.S000 Security Awareness and Training Information Security Awareness Training Standard
8040.0 Managing Third Parties 8040.S001 Third Party Security  
8045.0 Information Technology Security
8050.0 Configuration Management Configuration Management Standard
8055.0 Change Control 8055.S001 Change Control Change Control Standard
8060.0 Access Control Access Control Standard
8065.0 Information Asset Management Data Inventory Procedure
8070.0 Information Systems Acquisition, Development, and Maintenance 8070.S000 Application Security  
8075.0 Information Security Incident Management 8075.S000 Incident Management Incident Response Standard
8080.0 Physical Security 8080.S001 Physical and Environmental Security Physical Security Standard
8085.0 Business Continuity and Disaster Recovery    
  Compliance Standard
8095.0 Policy Enforcement   Enforcement Standard
8100.0 Electronic and Digital Signatures 8100.S001 Electronic and Digital Signatures  
Integrated CSU Administrative Manual (ICSUAM) Glossary    
    Personal Confidential Information
    Computer and Network Usage