Skip to content

ITS Standards

Access Control | Awareness & Training | Audit & Accountability | Contingency Planning | Computer Security | General Security Provisions | Incident Response | Personnel Security | Physical & Environmental Protections | Risk Assessment | Risk Management | System Communications & Protections


Access Control

Standard-InfoSec-AC-001-Access Control

Standard-InfoSec-AC-002-Authentication

Awareness & Training

Standard-InfoSec-AT-001-Training and Awareness

Audit & Accountability

Standard-InfoSec-AU-001-Audit & Logging Accountability

Standard-InfoSec-AU-002-Logging and System Activity Review

Contingency Planning

Standard - InfoSec-CP-001 - Contingency Planning

Standard - InfoSec-CP-002 - Information Security during a Disaster

Computer Security

Standard-InfoSec-CS-001-Device Life Cycle Security    

Standard-InfoSec-CS-002-Personally Owned Device Security  

General Security Provisions

Standard-InfoSec-GP-001-UTHSC Information Security Program

Standard-InfoSec-GP-002-Data & System Classification    ***UPDATED***

Standard-InfoSec-GP-003-Expectation of Privacy    

Standard-InfoSec-GP-004-Acceptable Use of IT Resources

Standard-InfoSec-GP-005-Data Security   

Standard-InfoSec-GP-007-Asset Management

Incident Response

Standard-InfoSec-IR-001-Security Incident Response

Personnel Security

Standard - InfoSec-PS-001 - Personnel Security

Physical & Environmental Protections

Standard-InfoSec-PE-001-Physical Security of Information Resources and Related Facilities

Risk Assessment

Standard-InfoSec-RA-001 – Risk Assessment

Risk Management

Standard-InfoSec-RM-001 – Risk Management     

Standard-InfoSec-RM-002 - Vulnerability Management    

Standard-InfoSec-RM-003 - Patch Management     

System & Communications Protections

Standard-InfoSec-SC-001-Network Security

Standard-InfoSec-SC-002-System and Communications Protections

Standard-InfoSec-SC-003-Application System Security

Standard - InfoSec-SC-005-Encryption

Last Published: Apr 20, 2021