IT Policies and Standards
Purdue Systems Security (PSS) facilitates the development of University information security policies and consults on information security compliance activities under federal, state, and local law.
Policies are reviewed by PSS and by the policy subcommittee of the Security Officers' Working Group. Draft policies are then presented to the University Security Officers' Working Group, the University Data Stewards organization, and other interested stakeholders. After appropriate review by these groups, the formal University process is followed for policy signature.
Information Security Policy Document Definitions
Information Security Policy Documents
Acceptable Use of IT Resources and Information Assets (VII.A.4)
Information Security and Privacy (VII.B.8)
Applicable University Standards, Guidelines, Procedures
- Domain Name System Use Standards
- S-5 Electronic Information, Communication and Technology Accessibility
- S-7 Electronic Mail
- S-10 Compliance with HIPAA Privacy and Security Regulations
- S-11 IT Resource Logging
- S-13 Authentication, Authorization and Access Controls
- S-14 Biometric Technologies
- S-15 Privileged Accounts and Service Accounts
- S-16 User Credentials
- S-17 IT Security Incident Response
- S-18 Social Security Numbers
- Wireless Network Acceptable Use Standards
- Cloud Computing Guidelines
- End User Security Guidelines
- Implementation Readiness
- Media Disposal Guidelines
- System Administrator Security Guidelines
- RPA Guidelines
- Acceptable Use of IT Resources and Information Assets Procedures
- IT Resource Logging - Reporting and Review Procedures
Questions and Additional Resources
If you have questions about protecting university data and complying with applicable policies, standards, guidelines and procedures, please submit a ticket here.
Additional resources:
Dated: April 18, 2023