Saint Louis University has put in place numerous policies, guidelines, standards, standard operating procedures (SOPs), and processes to ensure the security of University information and faculty, staff and student data.
Saint Louis University has put in place numerous policies and standards to ensure the security of faculty, staff and students' data and University information.
To review these policies, please visit the Information Security Policies and Standards Google Site. Contact the IT Security and Compliance team at firstname.lastname@example.org with any questions.
Other policies include:
|Name||Summary of Purpose||Last Updated|
|Information Security Policies and Enterprise Standards||To ensure the security of faculty, staff and students' data and University information.|
|Saint Louis University Information Technology Appropriate Use Policy||To provide guidelines for the appropriate use of Saint Louis University's IT resources, as well as for the University's access to information about and oversight of these resources.||June 2005|
|Digital Millennium Copyright Act||To provide rules and resources for online intellectual property|
|Logical Access and Change Management||Controls within the technical environment to ensure stability and security and lay the foundation for internal and external audit compliance.|
|Unauthorized File Sharing||To provide peer-to-peer file sharing requirements|
|Listserv Policy 2.3||To ensure the appropriate use of the University's Listserv capabilities.||
IT Documentation Framework Definitions
A formal, brief, and high-level statement or plan that embraces an organization's general beliefs, goals, objectives, and acceptable procedures for a specified subject area.
Policies always state required actions and may include pointers to standards. Policy attributes include the following:
- Require compliance (mandatory)
- Failure to comply results in disciplinary action
- Focus on desired outcomes, not on means of implementation
- Further defined by standards and guidelines
A mandatory action or rule designed to support and conform to a policy.
- A standard should make a policy more meaningful and effective.
- A standard must include one or more accepted specifications for hardware, software, or behavior.
General statements, recommendations, or administrative instructions designed to achieve the policy's objectives by providing a framework within which to implement procedures.
- A guideline can change frequently based on the environment and should be reviewed more frequently than standards and policies.
- A guideline is not mandatory, rather a suggestion of a best practice. Hence "guidelines" and "best practice" are interchangeable.
- Represent implementation of policy.
- Are a series of steps taken to accomplish an end goal.
- Define "how" to protect resources and are the mechanisms to enforce a policy.
- Provide a quick reference in times of crisis.
- Help eliminate the problem of a single point of failure.
- Can also be known as a SOP (Standard Operating Procedure)