Close
 
 

UTPA Information Security Policy and Standards

What are Policy and Standards?

A policy is a response to a specific issue. Information Security policies are created to respond to issues that can affect the confidentiality, integrity or availability of UTPA information.

Standards are created by the Information Security Office to translate Policy into documents that can help with its implementation.

Policies

The following are the Information Security policies at UTPA. They apply to students, faculty, staff, vendors, consultants, and volunteers.

Transition from UTPA Security Manual to Information Security Handbook

We are in the process of transitioning from the Information Resources Security Manual to a replacement document that goes by the name of Information Security Handbook. This document will be divided into 18 subdocuments, which are enumerated below. When the document gets finalized, it will have precedence over the corresponding sections in the former document.

Family Document Name Replaces Security Manual Sections Status
Management Controls ISH - Security Assessment and Authorization   Pending
  ISH - Planning   Pending
  ISH - Program Management   Pending
  ISH - Risk Assessment   Draft
  ISH - System and Services Acquisition   Pending
Operational Controls ISH - Awareness and Training   Draft
  ISH - Configuration Management   Draft
  ISH - Contingency Planning   Pending
  ISH - Incident Response   Draft
  ISH - Maintenance   Pending
  ISH-Media Protection   Incomplete
  ISH - Physical and Environmental Protection   Pending
  ISH - Personnel Security   Pending
  ISH - System and Information Integrity   Pending
Technical Controls ISH - Access Controls   Pending
  ISH - Audit Control   Pending
  ISH - Identification and Authentication   Incomplete
  ISH - System and Communication Protection   Pending

Standards