This page is maintained by the IT Community Partnerships group within UITS. The "IT Required Practices" file was reviewed by Internal Audit, the University Information Policy Office, the University Information Security Office, and many people inside and outside of UITS.
It is considered a fundamental list of required practices that all units should implement and maintain. Of course, some units may be required to apply stronger technical and administrative controls, depending on the nature of the work they do.
The templates are provided as examples for your own departmental use, to save you time as you document your own policies and procedures, and strengthen the security posture of your department.
Please feel free to contact us to add or modify any of the content here. We are always happy to add more examples!