Policies, Procedures, and Guidelines

Board Policies

The foundation of information security policy across all units of the Minnesota State Colleges and Universities is defined by the Board of Trustees in Board Policy.

System Procedures

Procedures support the information security policy by providing more detail on how to meet key aspects the policy goals.

System Guidelines

Guidelines provide additional requirements and recommendations to follow as part of a specific area of information security. Guidelines are defined in reference to a policy, and receive their authority from that policy with the Office of the Chancellor's Chief Information Officer approval.

Board Policy 5.22 Acceptable Use of Computers and Information Technology Resources

System Procedure 5.22.1 Acceptable Use of Computers and Information Technology Resources

Board Policy 5.23 Security and Privacy of Information Resources

System Guideline 5.23.1.1 Password Usage and Handling

Frequently asked questions regarding secure passwords.

System Guideline 5.23.1.2 Encryption for Mobile Computing and Storage Devices

System Guideline 5.23.1.3 Data Sanitization

System Guideline 5.23.1.4 Information Security Incident Response

System Guideline 5.23.1.5 Security Patch Management

System Guideline 5.23.1.6 Vulnerability Scanning

System Guideline 5.23.1.8 Anti-malware Installation and Management

System Guideline 5.23.1.10 Payment Card Industry Technical Requirements