Information Technology Policies
Pursuant to the TSUS Rules and Regulations Chapter III §19.2, TSUS IT Policies are adopted as official SHSU policy. TSUS IT Policies are authoritative and establish the minimum requirements for SHSU. Additional SHSU IT and information security policies, standards, procedures, and guidelines are enhancements and adaptations specific to SHSU.
Policies:
- IT-00: Policy Compliance
- IT-01: User Accounts Management Policy
- IT-02: User Accounts Password Policy
- IT-03: Acceptable Use Policy
- IT-04: Virtual Private Network Access Policy
- IT-05: Data Access Review Policy
- IT-06: Data Classification Policy
- IT-07: Technology Incident Management Policy
- IT-08: System Development & Acquisition Policy
- IT-10: Digital Encryption Policy
- IT-11: Data Backup Policy
- IT-12: Network Use & Vulnerability Assessment Policy
- IT-13: Technology Security Training Policy
- IT-14: Server Administration Policy
- IT-15: Media Sanitization Policy
- IT-16: Non-Disclosure Agreement Policy
- IT-17: Risk Assessment Policy
- IT-18: IT Administrator/Special Access
- IT-19: Authorized Software Policy
- IT-20: Electronic Communication Policy
- IT-21: Firewall Policy
- IT-22: Identification/Authentication Policy
- IT-23: Intrusion Detection/Prevention & Security Monitoring Policy
- IT-24: Malicious Code Policy
- IT-25: IT Physical Access & Environmental Policy
- IT-26: Portable Computing Policy
- IT-27: Privacy Policy
- IT-28: Third Party Access Policy
- IT-29: Application Security Policy
- IT-30: Data Security for Online & Mobile Applications Policy
- IT-31: HIPAA Breach Notification Policy
- IT-32: Electronic & Information Resources Accessibility Policy
- IT-S01: Web Site Disclaimer Statement
- IT-S02: Web Privacy & Site Link Statement
- IT-S03: Technology Acquisition Oversight Statement
- IT-S04: User Account Eligibility
- PRE-29: HIPAA Hybrid Entity Designation Policy
- PRE-30: HIPAA SHSU Physicians Policy
- InCommon Federation: Participant Operational Practices
- SHSU Information Security User Guide