Skip to main content
MenuSearch & Directory

SLU ITS Policies & Standards

Saint Louis University has put in place numerous policies, guidelines, standards, standard operating procedures (SOPs), and processes to ensure the security of University information and faculty, staff and student data.

Policies

Saint Louis University has put in place numerous policies and standards to ensure the security of faculty, staff and students' data and University information.

To review these policies, please visit the Information Security Policies and Standards Google Site. Contact the IT Security and Compliance team at infosecurity@slu.edu with any questions.

Other policies include:

Name Summary of Purpose Last Updated
Information Security Policies and Enterprise Standards To ensure the security of faculty, staff and students' data and University information.  
Saint Louis University Information Technology Appropriate Use Policy To provide guidelines for the appropriate use of Saint Louis University's IT resources, as well as for the University's access to information about and oversight of these resources. June 2005
Digital Millennium Copyright Act To provide rules and resources for online intellectual property  
Logical Access and Change Management Controls within the technical environment to ensure stability and security and lay the foundation for internal and external audit compliance.  
Unauthorized File Sharing To provide peer-to-peer file sharing requirements  
Listserv Policy 2.3 To ensure the appropriate use of the University's Listserv capabilities.

August 2010

 

IT Documentation Framework Definitions

Policy

A formal, brief, and high-level statement or plan that embraces an organization's general beliefs, goals, objectives, and acceptable procedures for a specified subject area. 

Policies always state required actions and may include pointers to standards. Policy attributes include the following:

  • Require compliance (mandatory)
  • Failure to comply results in disciplinary action
  • Focus on desired outcomes, not on means of implementation
  • Further defined by standards and guidelines
Standard
 

A mandatory action or rule designed to support and conform to a policy.

  • A standard should make a policy more meaningful and effective.
  • A standard must include one or more accepted specifications for hardware, software, or behavior.
Guideline
 

General statements, recommendations, or administrative instructions designed to achieve the policy's objectives by providing a framework within which to implement procedures.

  • A guideline can change frequently based on the environment and should be reviewed more frequently than standards and policies.
  • A guideline is not mandatory, rather a suggestion of a best practice. Hence "guidelines" and "best practice" are interchangeable.
Procedure
 Procedures describe the process: who does what, when they do it, and under what criteria. They can be text-based or outlined in a process map and:
  • Represent implementation of policy.
  • Are a series of steps taken to accomplish an end goal.
  • Define "how" to protect resources and are the mechanisms to enforce a policy.
  • Provide a quick reference in times of crisis.
  • Help eliminate the problem of a single point of failure.
  • Can also be known as a SOP (Standard Operating Procedure)
Work Instructions
 Describe how to accomplish a specific job. Visual aids, various forms of job aids, or specific assembly instructions are examples of work instructions. Work instructions are specific.
Forms and Other Documents
Forms are documentation that is used to create records, checklists, surveys or other documentation used in the creation of a product or service. Records are a critical output of any procedure or work instruction and form the basis of process communication, audit material, and process improvement initiatives.