Skip to content

Other ways to search: Events Calendar | UTHSC News

Cybersecurity Standards

Access Control | Awareness & Training | Audit & Accountability | Configuration ManagementContingency Planning | Computer Security | General Security Provisions | Incident Response | Personnel Security | Physical & Environmental Protections | Risk Management | System Communications & Protections

Access Control

AC-001-Access Control


Awareness and Training

AT-001-Training and Awareness

Audit and Accountability

AU-001-Audit and Logging Accountability

AU-002-Logging and System Activity Review

Configuration Management

CM-001-Configuration Management    

Contingency Planning

CP-001-Business Continuity Planning  

CP-002-Information Security during a Disaster

Computer Security

CS-001-Device Life Cycle Security    

CS-002-Personally Owned Device Security  

General Security Provisions

GP-001-UTHSC Information Security Program

GP-002-Data and System Classification  

GP-003-Expectation of Privacy    

GP-004-Acceptable Use of IT Resources

GP-005-Data Security 


GP-007-Asset Management    

Incident Response

IR-001-Security Incident Response

Personnel Security

PS-001 - Personnel Security

Physical and Environmental Protections

PE-001-Physical Security of Information Resources and Related Facilities   

Risk Management

RM-001 – Risk Management     

RM-002 - Vulnerability Management    

RM-003 - Patch Management    

RM-004 - Third Party Risk Management     

System and Communications Protections

SC-001-Network Security

SC-002-System and Communications Protections

SC-003-Application System Security

SC-004-Wireless Network Security    


SC-006-Internet of Things Security          

May 7, 2024