The global meet conference lines have been restored

Policy

These policies fall within the overarching ACD125: Information Security Policy which defines the boundaries of acceptable use of ASU computing and communication resources. The full policy can be found in the Academic Affairs Policies and Procedures Manual (ACD 125).

For additional detail on process and procedure guidance see Get Protected.

Web Application Security Standard

The purpose of this standard is to improve the security of ASU web applications by addressing threat modeling and security testing, web application criticality and the associated review process, the web application sign-off/approval process and recommended guidelines.

Get the PDF.

System Audit Requirements

This document contains requirements for logging activities on High Risk and Confidential systems.

Get the PDF.

Secure Development Lifecycle

This standard outlines security related responsibilities and expectations for software development that occurs at the University.

Get the PDF.

Secure Web Development Standard

This standard establishes guidelines and standards for the preservation of the confidentiality, integrity and availability of University information resources associated with websites.

Get the PDF.

IT Risk Assessment Standard

This document outlines ASU’s approach for identifying and analyzing risk areas and taking corrective action in an effort to provide the most secure environment possible.

Review the standard here. 

Privileged Accounts Standard

This document establishes guidelines for UTO to ensure the secure use of system accounts and administrator or privileged access rights.

Get the PDF.

Patch Management Standard

The Patch Management Standards describes basic patch management expectations for University systems.

Get the PDF.

Password Standard

Documentation of ASU’s standard regarding the changing of passwords that are used to grant access to University resources.

Get the PDF.

Peer-to-Peer (P2P) File Transfer & Copyright Infringement Standard

This document describes acceptable and prohibited uses of P2P software and protocols on ASU's network, University sanctions for prohibited uses, and responsibilities for compliance.

Get the PDF.

Pages