Information Security Policies, Procedures, and Standards

The Stanislaus State Information Security Policy comprises policies, standards, guidelines, and procedures pertaining to information security. The information contained in these documents is largely developed and implemented at the CSU level, although some apply only to Stanislaus State or a specific department.

To access the details of a specific policy, click on the relevant policy topic in the table below. You can also navigate to the relevant Supplemental Policies, Standards, and Guidelines and Procedures by clicking on the appropriate ► in the table; where more than one document of a particular type is associated with a particular topic, clicking the ► will open a separate web page with links to relevant documents.

Note that, to access documents linked from the Guidelines and Procedures columns below, you'll need an active Warrior ID and Password.

Information Security Plan

For more information, see the Stanislaus State Information Security Plan 10-16.pdf

Section Policy Topic Supplemental Policies Standards Procedures & Guidelines
8000.0 Introduction and Scope      
8005.0 Policy Management      
8010.0 Establishing an Information Security Program      
8015.0 Organizing Information Security    
8020.0 Information Security Risk Management      
8025.0 Privacy of Personal Information      
8030.0 Personnel Information Security    
8035.0 Information Security Awareness and Training    
8040.0 Managing Third Parties  

 
8045.0 Information Technology Security    
8050.0 Configuration Management      
8055.0 Change Control    
8060.0 Access Control    
8065.0 Information Asset Management  

8070.0 Information Systems Acquisition, Development and Maintenance    
8075.0 Information Security Incident Management    
8080.0 Physical Security    
8085.0 Business Continuity and Disaster Recovery    
8090.0 Compliance    
8095.0 Policy Enforcement      
8100.0 Electronic and Digital Signatures      
8105.0 Responsible Use Policy

 

 

 

Procedures and Standards

802.11 Airwave.pdf

Access Control.pdf 

Application Service Provider Security Requirements.pdf 

Computer Crime and Privacy Laws.pdf 

Computer Crimes and Privacy Laws Cheat Sheet.pdf

Data Center Security.pdf

Data Network Wiring Standards.pdf

Electronic Data Disposition.pdf 

Email and Campus Communication.pdf 

Email Retention.pdf 

FERPA Summary.pdf 

HIPAA Summary.pdf 

Information Classification and Handling.pdf 

Information Classification Cheat Sheet.pdf 

Information Security Awareness Training.pdf 

Information Security Incident Management.pdf 

Information Security Program.pdf 

Network Security.pdf 

Password Standard.pdf

Patching and Malicious Code Management.pdf

Payment Card Industry Data Security Standard PCI_DSS Summary.pdf 

Physical Security.pdf 

Procedure HR Off-Boarding.pdf 

Procedure HR On-Boarding.pdf

Risk Assessment Program.pdf 

Risk Assessment Questionnaire.xls 

Risk Assessment Inventory Server.xls 

Risk Assessment Scheduler.xls 

Risk Assessment Worksheets.xls 

Standard Event Monitoring.pdf 

Telecommunications Spaces.pdf 

Telephony Rules and Policies.pdf 

Vulnerability Management and Assessment.pdf 

Web Application Development.pdf 

Web Application Development Cheat Sheet.pdf