To access the details of a specific policy, select the relevant policy topic in the table below.
Please note that as of July, 2025 this page is under going revision and consolidation. For any questions regarding this page use the contact options in the bar to the left.
CSU Information Security Policies
and Standards
|
Policy Number |
Policy Topic |
Supplemental Policies |
Standards |
Procedures, Guidelines, Others |
|---|---|---|---|---|
|
8000.0 |
Introduction and Scope |
|
|
|
|
8005.0 |
Policy Management |
|
|
|
|
8010.0 |
Establishing an Information Security Program |
|
|
|
|
8015.0 |
Organizing Information Security |
|
CSU: 8015.S000 |
|
|
8020.0 |
Information Security Risk Management |
|
|
|
|
8025.0 |
Privacy of Personal Information |
|
|
|
|
8030.0 |
Personnel Information Security |
|
CSU: 8030.S000 |
|
|
8035.0 |
Information Security Awareness and Training |
|
CSU: 8035.S000 |
|
|
8040.0 |
Managing Third Parties |
|
CSU: 8040.S001 |
|
|
8045.0 |
Information Technology Security |
|
CSU: 8045.S200 |
|
|
8050.0 |
Configuration Management |
|
|
|
|
8055.0 |
Change Control |
|
CSU: 8055.S01 |
|
|
8060.0 |
Access Control |
|
CSU: 8060.S000 Access Control Standard |
|
|
8065.0 |
Information Asset Management |
|||
|
8070.0 |
Information Systems Acquisition, Development and Maintenance |
|
CSU: 8070.S000 |
|
|
8075.0 |
Information Security Incident Management |
CSU: 8075.S000 |
||
|
8080.0 |
Physical Security |
CSU: 8080.S01 |
||
|
8085.0 |
Business Continuity and Disaster Recovery |
EO1031 |
|
|
|
8090.0 |
Compliance |
Debit/Credit Card Payment Policy 6340.00 |
|
|
|
8095.0 |
Policy Enforcement |
|
||
|
8100.0 |
Electronic and Digital Signatures |
CSU: 8100.S01 |
||
|
8105.0 |
Responsible Use Policy |
Additional Procedures and Standards
- 802.11 Airwave.pdf
- Application Service Provider Security Requirements.pdf
- Computer Crime and Privacy Laws.pdf
- Computer Crimes and Privacy Laws Cheat Sheet.pdf
- CoFense Implementation Plan Summary May 2018.pdf
- Data Center Security.pdf
- Data Network Wiring Standards.pdf
- Electronic Data Disposition.pdf
- Email and Campus Communication.pdf
- Email Retention.pdf
- FERPA Summary.pdf
- Information Security Awareness Training.pdf
- Information Security Program.pdf
- Network Security.pdf
- Password Standard.pdf
- Patching and Malicious Code Management.pdf
- Procedure HR Off-Boarding.pdf
- Procedure HR On-Boarding.pdf
- Standard Event Monitoring.pdf
- Telecommunications Spaces.pdf
- Telephony Rules and Policies.pdf
Updated: July 17, 2025