CSU Information Security
Policies and Standards
This page provides links to Information Security Policies and Standards as defined by the CSU and CSU East Bay.
The CSU Information Security policy provides direction for managing and protecting the confidentiality, integrity and availability of CSU information assets. In addition, the policy defines the organizational scope of the CSU information Security Policy. This index will take you to the CSU Policy Topic by clicking on the topic name. While in the CSU Policy you can navigate to all relevant Supplement Policy or Standards by clicking the corresponding link.
| Section | CSU Policy | CSU East Bay Policy | Standard |
|---|---|---|---|
| 8000.0 | Introduction and Scope | ||
| 8005.0 | Policy Management | ||
| 8010.0 | Establishing an Information Security Program | ||
| 8015.0 | Organizing Information Security | ||
| 8020.0 | Information Security Risk Management | ||
| 8025.0 | Privacy of Personal Information | ||
| 8030.0 | Personnel Information Security | ||
| 8035.0 | Information Security Awareness and Training | ||
| 8040.0 | Managing Third Parties | ||
| 8045.0 | Information Technology Security | ||
| 8050.0 | Configuration Management | ||
| 8055.0 | Change Control | ||
| 8060.0 | Access Control | ||
| 8065.0 | Information Asset Management |
|
|
| 8070.0 | Systems Acquisition, Development and Maintenance | ||
| 8075.0 | Information Security Incident Management | ||
| 8080.0 | Physical Security | ||
| 8085.0 | Business Continuity and Disaster Recovery | ||
| 8090.0 | Compliance | ||
| 8095.0 | Policy Enforcement | ||
| 8100.0 | Electronic and Digital Signatures | ||
| 8105.0 | Responsible Use Policy |
Who should I contact if I have more questions?
Please contact the Information Security Office at: iso@csueastbay.edu