IT Division Policy, Planning, and Assessment

The Information Technology Division (ITD) is committed to providing the technological resources necessary to create a world-class learning and teaching environment for Weber State University through careful and thoughtful planning and execution. Policies executed to allow an open and collaborative environment to protect our most vital information resources. These elements are critical in providing long-lasting, productive, and synergistic changes to the University computing environment.
Managing the vast information technology resources required to sustain staff functions and student learning can be challenging. To do this effectively, the ITD has developed and continues to refine a set of Policies, Standards, Processes, and Guidelines to govern how we do business.

Please get in touch with the Senior IT Policy & Planning Administrator if you have any questions (njarvis@weber.edu).

Policy and Procedure Manual (PPM) for the IT Division

Section 10-1 Information Security Policy

Appendix A - Roles and Responsibilities

Appendix B - Standards and Guidelines

Section 10-2 Acceptable Use Policy (AUP) of University Information Technology Resources

Section 10-3 Network Security/Firewall Policy

Section 10-4 Payment Card Handling Policy

Section 10-5 University Telecommunications Services Policy

Section 10-6 Mobile Device Policy

Section 10-7 Cloud Storage and Application Policy

Standards & Guidelines

Active Directory Management Standard

The IT Division supports the University's Alternative Work Guidelines & Expectations

University Computing Documentation Standard

Center for Internet Security (CIS) Critical Security Controls (CSCs)

CIS CSC 1: Inventory and Control of Enterprise Assets CIS CSC 11: Data Recovery
CIS CSC 2: Inventory and Control of Software Assets CIS CSC 12: Network Infrastructure Management
CIS CSC 3: Data Protection CIS CSC 13: Network Monitoring and Defense
CIS CSC 4: Secure Configuration of Enterprise Assets and Software CIS CSC 14: Security Awareness and Skills Training
CIS CSC 5&6: Account Management/Access Control Management CIS CSC 15: Service Provider Management
CIS CSC 7: Continuous Vulnerability Management CIS CSC 16: Application Software Security
CIS CSC 8: Audit Log Management CIS CSC 17: Incident Response Management
CIS CSC 9: Email and Web Browser Protections CIS CSC 18: Penetration Testing
CIS CSC 10: Malware Defenses  

Procedures

CIS Controls 4 - Documented Process (CIS CSC 4: Secure Configuration of Enterprise Assets and Software)

Vulnerability Management Process (CIS CSC 7: Continuous Vulnerability Management)

Policy Actions

New Policy Request

Policy Change Request

Policy Exception Request

Note:  You must be logged in to your Weber Google Apps account on the browser you use to view these forms.