Acquisition Assessment Policy Defines responsibilities regarding corporate acquisitions, and defines the minimum requirements of an acquisition assessment to be completed by the information security group.
Administrative Computing Security Policy This policy outlines the responsibilities of users, data stewards, application stewards, systems administrators and management to assure the availability, integrity and confidentiality of a University.
Application Service Provider Policy Defines minimum security criteria that an ASP must execute in order to be considered for use on a project by the organization.
Audit Vulnerability Scanning Policy Defines the requirements and provides the authority for the information security team to conduct audits and risk assessments to ensure integrity of information/resources and to investigate incidents.
Critical PennNet Host Security Policy This policy describes the requirements and constraints for attaching and securing a critical computer to PennNet. It also provides "best practice" recommendations to guide systems administrators.
Server Security Policy Defines standards for minimal security configuration for servers inside the organization's production network, or used in a production capacity.
Actions
Category Stats