IT Security Standards

UA Board of Regents Policy 02.07, the UA Information Security Program, and this body of IT Security Standards apply to the UA System and all users of UA computing resources. These standards are reviewed and approved by the CIO Management Team (CMT), a system-wide governance group consisting of each è�� CIO, the UA CITO, and the UA CISO.

RECENT UPDATES	COMING SOON
Password and Authentication Standard Information Security Controls and Exceptions Standard Vulnerability and Patch Management Standard	Generative AI Security Standard UPDATE: Acceptable Use of Online Resources

GENERAL IT STANDARDS

Acceptable Use of Online Resources policy
Administrative Guidelines: Use of Email (.pdf)
Downloading Copyrighted Materials FAQs
UA Cloud Computing Guidelines
UA Guidelines for the Use of Social Media Final
User Extensions Policy

DATA AND ADMIN STANDARDS

Bulk Document Shredding
Data Classification
Retention and Disposition Schedules

SECURITY STANDARDS

Configuring SSL Securely
Encryption Options
ID Theft Program
Information Security Controls and Exceptions Standard NEW
InfoSec Breach and Handling Procedure
Information Resource Data and System Classification Standard
Information Security Definitions & Terminology
Minimum Security Standard for Desktop Systems
Mobile Device Security
Password and Authentication Standard NEW
Remote Access Security Requirements
Standards for System Logging
UA System Security Guidelines
Vulnerability and Patch Management Standard NEW

PRIVACY POLICIES

BoR & University Policy on FERPA (.pdf)
University of è�� HIPAA Privacy Policies and Procedures (.pdf)

è����������

IT Security Standards

GENERAL IT STANDARDS

è��