Skip to content
ApplyGive

Other ways to search: Events Calendar | UTHSC News

ITS Standards & Practices

University of Tennessee Information Technology Policies

General Information | Acceptable Use of IT Resources | Information Security Program | Risk Management | Data & System Categorization | Security Awareness Training | Security Incident Response | Asset Management | Data Access, Management, and Recovery | Account and Credential Management | Network Monitoring and Defense and Penetration TestingService Provider Management and Application Software Security Management | Secure Configuration Management | Vulnerability Management, Audit Log Management, and Malware Defense

General Information

IT0001-HSC-A-Standard on UTHSC Information Technology Standards and Practices

IT0001-HSC-A.01-Framework for Developing Standards and Practices

Acceptable Use of IT Resources

IT0002-HSC-A-Acceptable Use of IT Resources

IT0002-HSC-A.01-Login Banner

IT0002-HSC-A.02-Acceptable Use of Generative AI

IT0002-HSC-A.03-Acceptable Use of UTHSC Phones and Services

IT0002-HSC-B-Expectation of Privacy

IT0002-HSC-C-Email

Information Security Program

IT0003-HSC-A-UTHSC Information Security Program

IT0003-HSC-A.01-Information Security Roles and Responsibilities

IT0003-HSC-A.02-Security Exceptions and Exemptions to ITS Standards Practices & Controls

IT0003-HSC-A.03-Information Security Violations

Risk Management

IT0004-HSC-A-Risk Management

IT0004-HSC-A.01-Risk Assessment Process

Data & System Categorization

IT0005-HSC-A-Data & System Categorization

Security Awareness Training

IT0014-HSC-A-Security Awareness Training Management

Security Incident Response

IT0017-HSC-A-Security Incident Response

Asset Management

IT0102-HSC-A-Asset Management

IT0102-HSC-B-Device Life Cycle Security

IT0102-HSC-C-Personally Owned Device Security

IT0102-HSC-D-Physical Security of Information Resources and Related Facilities

IT0102-HSC-E-Internet Of Things Security

Data Access, Management, and Recovery

IT0311-HSC-A-Access Control

IT0311-HSC-A.01-VPN Access

IT0311-HSC-A.02-Third-Party Access to Account and Data

IT0311-HSC-A.03-Data Center Access

IT0311-HSC-B-Business Continuity Planning

IT0311-HSC-C-Information Security during a Disaster

IT0311-HSC-D-Data Security

IT0311-HSC-D.01-Disposal or Destruction of Electronic & Non-Electronic Media

IT0311-HSC-E-Encryption

IT0311-HSC-E.01-Encryption for Mobile Computing and Storage Devices

Account and Credential Management

IT0506-HSC-A-Authentication

IT0506-HSC-A.01-Password Management and Complexity

IT0506-HSC-A.02-NetID Account Management

IT0506-HSC-A.03-Privileged Account Management

IT0506-HSC-A.04-Personnel Security

Network Monitoring and Defense and Penetration Testing

IT1318-HSC-A-Telecommunications Telecom Account

Service Provider Management and Application Software Security Management

IT1516-HSC-A-Third Party Risk Management

IT1516-HSC-B-Application System Security

IT1516-HSC-B.01-Application System Security Features

Secure Configuration Management

IT4912-HSC-A-Configuration Management

IT4912-HSC-B-Network Security

IT4912-HSC-B.01-Network Security Infrastructure

IT4912-HSC-C-System and Communication Protections

IT4912-HSC-C.01-Official Communications Use & Protections

IT4912-HSC-D-Wireless Network Security

Vulnerability Management, Audit Log Management, and Malware Defense

IT7810-HSC-A-Vulnerability Management

IT7810-HSC-B-Patch Management

IT7810-HSC-C-Auditing & Logging Accountability

IT7810-HSC-D-Logging and System Activity Review

IT7810-HSC-E-Antivirus_Antimalware Protection

 

 

May 9, 2025