Information Security Procedures, Standards, and Forms

The Office of Information Security provides guidance related to security specific policies, standards, and procedures. This information is used for IT governance, risk management, legal and regulatory compliance (e.g. FERPA, HIPAA, PCI, DFARS 7012/NIST 800-171).

Standards are used to achieve policy objectives through the definition of mandatory controls and requirements.

Procedures are used to ensure consistent application of security policies and standards.

Guidelines provide guidance on security policies and standards.


The following links contains security related standards, procedures, and guidelines: