San Diego State University - Leadership Starts Here

Information Technology Security Office (ITSO)

Skip repeated menu and go directly to page content.

Security Checklist

A Security Checklist is required to be completed by faculty/MPP (AKA "Manager") as part of the procurement process for all new or changed purchases and formal bids involving access to SDSU information or computer systems. Consultation with IT support staff is recommended to ensure technical details.

Click here to download the Security Checklist.

There are two parts to the checklist:

  1. Identification of cloud computing. Identification of cloud computing. As required by the SDSU Information Security Plan, we must ensure that any vendor that accesses, stores, or processes SDSU information maintains appropriate information security. Vendors must complete this section of the checklist. Any checked boxes in part 1 would indicate a cloud hosted solution is involved in the contract.
  2. Identification of protected data. This part of the form indicates the types and amounts of protected information involved in the contract for the IT Security Office to determine the risk level should the data or system be compromised.

Click below for the appropriate assessment and the directions to complete it.


Note: documents in Portable Document Format (PDF) require Adobe Acrobat Reader 5.0 or higher to view. Download Adobe Acrobat Reader.