CSU Information Security

Policies and Standards

This page provides links to Information Security Policies and Standards as defined by the CSU and CSU East Bay.

The CSU Information Security policy provides direction for managing and protecting the confidentiality, integrity and availability of CSU information assets. In addition, the policy defines the organizational scope of the CSU information Security Policy. This index will take you to the CSU Policy Topic by clicking on the topic name. While in the CSU Policy you can navigate to all relevant Supplement Policy or Standards by clicking the corresponding link.

Section CSU Policy CSU East Bay Policy Standard
8000.0 Introduction and Scope
8005.0 Policy Management
8010.0 Establishing an Information Security Program
8015.0 Organizing Information Security
8020.0 Information Security Risk Management
8025.0 Privacy of Personal Information
8030.0 Personnel Information Security
8035.0 Information Security Awareness and Training
8040.0 Managing Third Parties
8045.0 Information Technology Security
8050.0 Configuration Management
8055.0 Change Control
8060.0 Access Control
8065.0 Information Asset Management


8070.0 Systems Acquisition, Development and Maintenance
8075.0 Information Security Incident Management
8080.0 Physical Security
8085.0 Business Continuity and Disaster Recovery
8090.0 Compliance
8095.0 Policy Enforcement
8100.0 Electronic and Digital Signatures
8105.0 Responsible Use Policy

Who should I contact if I have more questions?

Please contact the Information Security Office at: iso@csueastbay.edu