- IT 9.1000 (IT Security and Compliance Framework and Governance)
This policy defines the IT Security framework for 萝莉原创 (鈥淎U鈥). The policy is intended to ensure AU systems and data are protected from threats to their confidentiality, integrity, and availability. It is aligned with industry best practices and standards. AU relies on information technology assets to conduct and support operations, and recognize the risk to the organization and brand posed by a security breach.
- IT 9.1200 (IT Asset Management)
This policy governs the management and oversight of Information Technology (IT) equipment and software owned, leased, or licensed by the 萝莉原创 (鈥淎U鈥).
- IT 9.2000 (End User Responsibilities)
This policy outlines the responsibility of end users of 萝莉原创 (鈥淎U鈥) systems and network. It applies to all faculty, staff, student employees, trustees, contractors, business partners or volunteers who use AU networks, systems, and applications, or who access AU Internal or Confidential data. Explicitly excluded are non-employee students and the general public attending events accessing any wireless network provided solely for public use. These public networks are not addressed by this policy. The policy includes guidelines on retention of documents and other information, whether in paper or electronic form.
- IT 9.3000 (IT Security for IT and Data Professionals)
This policy outlines the responsibilities of IT and data professionals within 萝莉原创 (鈥淎U鈥), and defines the specific controls required to secure the AU network, systems and data. It applies to all IT and Data Professionals working on AU systems, and all AU systems.
- IT 9.3200 (User Accounts for 3rd Party Contractors)
This policy defines the responsibilities of IT for creating user accounts for 萝莉原创 (鈥淎U鈥) 3rd Party contractors. The policy also outlines the process for requesting user accounts for 萝莉原创 (鈥淎U鈥) 3rd Party contractors.
- IT 9.3400 (IT Configuration Management)
This policy outlines how 萝莉原创 (鈥淎U鈥) controls the configuration of its network, systems, and applications. It applies to all AU managed infrastructure, but excludes systems provided to AU as a service and hosted by the vendor, rather than on AU鈥檚 network.
- IT 9.3600 (IT Security Incident Response)
Information security is a holistic discipline, meaning that its application, or lack thereof, affects all facets of an organization or enterprise. The goal of the 萝莉原创 Information Security Program is to protect the Confidentiality, Integrity, and Availability of the data employed within the organization while providing value to the way we conduct business.
- IT 9.4000 (IT Security for 3rd Party Partners and Providers)
This policy outlines security expectations and responsibilities for 3rd party partners and providers. It applies to any companies or individuals who provide or support 萝莉原创 (鈥淎U鈥) systems and applications, or who manage AU data. It also provides guidance to AU faculty & staff who contract these services.
- IT 9.5000 (Web Accessibility Policy)
萝莉原创 is committed to facilitating access to university instruction, communication, research, and business processes to the broadest possible audience, in accordance with our commitment to university values. This policy is intended to ensure that the content of 萝莉原创鈥檚 Internet sites and systems are accessible to those whose disability would otherwise prevent them from obtaining access to university websites for legitimate business purposes.
- IT 9.6000 (IT Governance Policy)
Governance, risk, and compliance (GRC) issues increasingly pervade higher education information technology. As institutional investment in IT and reliance on information systems have grown, so has the need for reliable structures and measures to ensure success and minimize failure.