Standards & Frameworks

OVERVIEW
Standards define the process or rules to be used to support the University's practices and guidelines. Frameworks are blueprints for implementing the standards adopted by the University.

The University has adopted the National Institute of Standards and Technology Cybersecurity Framework, created through collaboration between industry and government. The Framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure. The prioritized, flexible, repeatable, and cost-effective approach of the Framework helps the University to manage its cybersecurity-related risk. Click here to view. pdf file

RESPONSIBILITIES
It is the responsibility of each Information Services department to develop and document operational practices (process and procedure) in order to implement the goals of the University's adopted security standards.

REFERENCE CATEGORIES
ISO 27001, 27002
NIST Cyber Security Framework
CIS Critical Security Controls