CSU and SDSU IT Security Policies, Standards, and Procedures
The Board of Trustees of the California State University (CSU) and SDSU is responsible for protecting the confidentiality, integrity and availability of CSU information assets. Unauthorized modification, deletion, or disclosure of information assets can compromise the mission of the CSU, violate individual privacy rights, and possibly constitute a criminal act.
The CSU Information Security Program activities are guided by ISO 27002:2013 (Information technology — Security techniques — Code of Practice for Information Security Controls), which are the best industry practices for the management of information security controls.
The CSU and SDSU IT security policies, standards, and/or guidelines are formal statements that specify a set of rules that all users must follow when gaining access to SDSU’s information and information systems.
Information Security
Organization of Information Security
Human Resource Security
Asset Management
Access Control
Cryptography
Physical and Environmental Security
Operations Security
Communications Security
Systems Acquisition, Development and Maintenance
Supplier Relationships
Information Security Incident Management
Information Security Aspects of Business Continuity Management
Compliance