Saint Louis University

Policies and Standards

Policies

Name Brief Summary of Purpose Last Updated
Saint Louis University Information Technology Appropriate Use Policy To provide guidelines for the appropriate use of Saint Louis University's IT resources, as well as for the University's access to information about and oversight of these resources June 2005
Digital Millennium Copyright Act Rules and resources for online intellectual property  
Logical Access and Change Management Controls within the technical environment to ensure stability and security and lay the foundation for internal and external audit compliance
Unauthorized File Sharing Peer-to-peer file sharing requirements
Information Security Management 1.1 (v2.1) To provide guidance necessary to ensure protection of the information assets of the University February 2012
Workforce Security Policy 1.2
To ensure workforce security procedures include requirements for authorization and supervision of access to confidential information May 2010
Backup and Business Continuity Policy 1.3
To ensure that all critical information resources are clearly identified and that business continuity procedures to regularly test the functionality of backup May 2010
Technical Evaluations of Computer Systems and Networks 1.4 To ensure that Saint Louis University periodically performs technical and nontechnical evaluations May 2010
Internal and External Audit Policy 1.5 To establish the authority to conduct audits, outlines audit scope and applicability, and lists requirements for audit documentation and reporting May 2010
Data Center Access 1.6 To ensure protection against unauthorized physical access to servers and infrastructure, residing in SLU data centers May 2010
Maintenance Records Policy 1.7 To ensure that procedural mechanisms exist for maintaining records that document repairs and changes to the physical safeguards of facilities that protect confidential information May 2010
Device and Media Controls 1.8 The purpose of this policy is to ensure that physical safeguards exist to guard data integrity, confidentiality, and availability. May 2010
Logical Access Policy 1.9 The purpose of this policy is to ensure standardization across all information technology systems in regards to ensuring that the appropriate data owners approve user access requests. May 2010
Audit Controls Policy 1.10 To ensure that information resources that contain confidential information are identified, monitor and reviewed using audit controls that record and examine activity May 2010
Transmission Security 1.11 To ensure that technical security measures are taken to guard against unauthorized access to confidential information, which is transmitted via electronic communication networks May 2010
Business Associates Agreements Policy 1.12 To provide guidelines for compliance with Health Insurance Portability and Accountability Act (HIPAA) and the Privacy and Security regulations relating to "Business Associates" May 2010
Information Security Incident Management Policy 1.13 (v1.1) To define the University policy regarding the reporting, management and response by University personnel in the event of a suspected or actual information security incident February 2012
Data Management Policy 1.14 (v1.1) To provide objectives for managing University stored data February 2012
Person or Entity Authentication Policy 1.15 To codify a process that University personnel must follow to verify the authenticity of a person or entity prior to granting authorization February 2012
Automatic Logoff Policy 1.16 To ensure that reasonable steps are taken to implement automatic logging off of users after a predetermined time of inactivity on systems containing confidential information February 2012
Workstation Use Policy 1.17 To establish minimum requirements for the implementation of physical safeguards for workstations that access confidential information February 2012
Electronic Mail Policy 2.2 To ensure the proper use of Saint Louis University's e-mail system while also raising awareness of acceptable and unacceptable uses August 2010
Listserv Policy 2.3 To ensure the appropriate use of the University's Listserv capabilities August 2010

 

Higher purpose. Greater good.
© 1818 - 2016  SAINT LOUIS UNIVERSITY   |   Disclaimer   |  Mobile Site
St. Louis   |   Madrid