Policies vs. Standards vs. Procedures
Policies are formal statements created by the university that reflect our mission, which in this case is the protection of CSUN’s information and assets.
Standards are rules or actions that must be done to ensure our policies are being followed. They indicate expected behavior and must be enforced.
Procedures are detailed step by step instructions on how to implement or adhere to the standards.
Guidelines are recommended practices that are based on industry-standard practices.
|Administrative Rights Access Request(.pdf)||Use this form to request local administrative rights on your work desktop.|
|USB Storage Device Exception||Visit this page to learn about dangers of using USB storage devices and how to request an exception.|
|Confidentiality Statement for Consultants and Independent Contractors(.pdf)||Use this form for Consultants and Independent Contractors needing access to CSUN systems and data.|
|Employee Confidentiality Statement(.docx)||Use this form for employee access to University data systems containing personal, academic, or financial information about students, faculty, staff, or alumni.|
|Employee Confidentiality Statement - Faculty(.docx)||Faculty should use this form for employee access to University data systems containing personal, academic, or financial information about students, faculty, staff, or alumni.|
|SOLAR Financial Security Access||Visit this page to learn more about CSUN Financial Systems and how to request access.|
|SOLAR Student Administration Security Access||Visit this page to learn more about Student administration and how to request access.|
|SOLAR Human Resources Security Access(.pdf)||Use this form to request access HR resources such as approving time and absence.|
- CSU Data Classification (Level 1 vs. Level 2 vs. Level 3 data)
- CSUN Information Security Plan
- Family Educational Rights and Privacy Act (FERPA)
- Payment Card Industry Data Security Standard (PCI-DSS) (.pdf)
- Health Insurance Portability and Accountability Act (HIPAA) (.pdf)
- Security checklist
|Policy No.||Policy||Standards||Procedures, Guidelines, Executive Orders (EO), Supplemental Policies,(SP)|
|8015||8015.S000: Information Security Roles Responsibilities (.pdf)|
|8020||Information Security Risk Management|
|8025||Privacy of Personal Information|
|8035||Information Security Awareness and Training|
|8040||Managing Third Parties||VISC Third Party Guidelines (.pdf)|
|8045||Information Technology Security|
|8055||Change Control||Change Management Control (.pdf)|
|8065||Information Asset Management|
|8070||Information Systems, Acquisition, Development, and Maintenance||8070.S000: Application Security (.pdf)|
|8075||Information Security Incident Management||Information Security Incidence Response Procedures (.pdf)|
|8085||EO 1031: Business Continuity & Vital Records (.pdf)|
|8100||Electronic and Digital Signatures|