Division of Information Technology
Better preparing you for your experiences on the internet
North Georgia Information Security Policy
Policies are high-level expressions of organizational intent and requirements that pertain to particular topics. Policies are mandatory and enforced meaning they must be followed.
| Policy Title | Description | Status |
| Information Security Program Policy | The ISPP is an accessible, and understandable summary of the information security framework relevant to North Georgia employees and campus affiliates. | Ratified |
| Information System Acceptable Usage Policy | The Information System Acceptable Usage Policy, this is the standard by which all systems that attach to the University network must adhere to. | Ratified |
| Antivirus Software Policy | Describes the requirement that antivirus software shall be used on systems which access campus networks. | Ratified |
| Confidential Data Handling Policy | Describes the requirements necessary for ensuring shared security practices related to the management of confidential data records. | Ratified |
| Data Management and Access | Describes the requirements and principles required for providing appropriate safeguards and managing data assets. | Ratified |
| Digital Millenium Copyright Act | Describes the requirements to be followed for appropriate management of Digitial Millenium Copyright Act (DMCA) violation notices. | Ratified |
| Electronic Information Sanitization | Describes the approach used to ensure that data in the form of electronic information is removed from devices and storage media before repurposing or surplus. | Ratified |
| Firewall and Network Filtering | Details how firewalls and network filters will be used to protect North Georgia information systems. | Ratified |
| Incident Response | Outlines the requirements needed to ensure a timely and structured response to computer and network security incidents. | Ratified |
| Network Account Policy | Describes the management of user accounts on the network. | Ratified |
| Password Policy | Describes the requirements necessary for securely creating and managing password credentials used to access campus services and resources. | Ratified |
| Remote Access | Defines the management and utilization requirements necessary for securing remote access connections. | v1.2 |
| Risk Management | Defines the requirements and responsbilities for the enactment of a formal information risk management process. | Ratified |
| Wireless Access | Describes the requirements necessary for deploying and using wireless network technology. | Ratified |