302 KB | 3 files | DOC, PDF
These IT security policies will aid in the protection of information of a sensitive nature.
Colorado State University collects information of a sensitive nature to facilitate and enable its business/academic functions. Unauthorized access to such information may have many severe negative consequences, including adversely affecting the reputation of the University. Protection of such personally identifiable information from unauthorized access is required by various private sector, federal and state mandates, including among others the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), the Family Educational Rights and Privacy Act (FERPA), Colorado House Bills 03-1175 and 06-1157, and the Payment Card Industry Data Security Standard. Sensitive information is stored on a variety of computer systems in the decentralized information technology (IT) environment at the University. As such systems are being subjected to increasing numbers and types of attempted unauthorized access, the adoption of these IT security policies will aid in the protection of such information.
The attached Zip file includes:
This table outlines the top needs of each stakeholder group that can help guide your conversations on priorities and needs for the GRC program. ... More >>
This publication provides guidelines for establishing and participating in cyber threat information sharing relationships. ... More >>
This document provides recommendations and guidelines for enhancing trust in email, including transmission and content security recommendations. ... More >>