Policies, University of Cincinnati

Visit UC
Support UC
Directories
UC Tools
- Blackboard
- OneStop
- Student Email
- UCMail
- UCFileSpace
- UC Flex/ESS
- Password Help
- UC VPN

Policies

Information security policies underpin the security and well being of information resources. They are the foundation, the bottom line, of information security within any institution. The Information Security policies are formal statements that specify a set of rules that all users must follow when gaining access to UC’s information and information systems.

Policies are high-level management directives, and they are mandatory. A policy has four parts: purpose, scope, responsibilities, and compliance. The purpose will describe the need for that policy. The scope will describe what systems, people, facilities, and organizations are covered by the policy. The responsibilities are those of the information security staff, policy and management teams, and of the whole organization. In order to be in compliance, a policy will be judged on how effective it is and what happens when it is violated.

Review more:

Procedures

Standards

Best Practices & Guidelines

IT Handbook

Applicable to UC

Policy Number	Policy Name	Link	Status
Policy 9.1.1	Data Protection Policy	PDF	Approved
Policy 9.1.2	Vulnerable Systems Policy	PDF	Approved
Policy 2.1.7	Wireless Communication Stipend Policy	PDF	Approved
N/A	Domain Name System Policy	HTML	Approved
N/A	Information Technology Management Policy	PDF	Approved
N/A	Internal Mass Communications Policy	PDF	Approved
N/A	Network Connection Policy	PDF	Approved
N/A	Perimeter Firewall Policy	PDF	Approved
N/A	Student E-Mail Policy	PDF	Approved
N/A	Use of Information Technology Policy	HTML	Approved
N/A	Web Policy	HTML	Approved

Applicable to UCIT

Policy Number	Policy Name	Link	Status
Policy 9.1.14	Privileged Access Policy UC InfoSec F41 Privileged Access Agreement	PDF	Approved
Policy 9.1.27	Information Security Design & Architecture Review Policy	PDF	Approved
Policy 9.1.31	Computer Locking Policy	PDF	Approved

In Process & Proposed Policies

Policy Number	Policy Name	Link	Status
Policy 9.1.7	Clean Desk Policy	PDF	In Process
Policy 9.1.23	Password Policy	PDF	In Process
Policy 9.1.25	Data Center Visitor Tours Policy	PDF	In Process
Policy 9.1.6	Acceptance of Risk Policy	PDF	Proposed
Policy 9.1.10	HIPAA Coverage Policy	PDF	Proposed
Policy 9.1.11	Information Security Emergency Response Policy	PDF	Proposed
Policy 9.1.17	Security Data Retention Policy	PDF	Proposed

University of Cincinnati Information Security
132/134 University Hall
51 Goodman Drive
Cincinnati, OH 45221

Phone: 513-558-ISEC (4732)
E-mail: infosec@uc.edu