IT policies, guidelines and standards

These policies and standards govern computer and network use at Wayne State University, as well as the use of WSU's information technology resources and services.

I. IT policies

1. Acceptable us of information technology resources
   1. Merit acceptable use policy
   2. AccessIDs, electronic mail, and directory services
2. Administrative rights access policy
3. Information technology systems
4. Confidential information policy
   1. Privacy of academic records
   2. Family Educational Rights and Privacy Act (FERPA)
   3. Michigan social security number privacy act
   4. Health Insurance Portability and Accountability Act (HIPAA)
   5. Payment card industry (PCI) data security standard (DSS)
5. Responsibility for Wayne State network infrastructure
   1. C&IT wireless access point use policy
   2. WSU standards for communications infrastructure
6. Web privacy policy

II. IT processes

1. Change management process

III. Information security standards

1. Information security program
2. Strong password standard
3. Audit and accountability
4. Identification and authentication
5. Incident response
   1. IT investigations
6. Personal devices accessing university resources
7. Physical and environmental protection
8. Security awareness training
9. Vulnerability management
10. Standard for system integrity
11. Standard for IT access to administrative systems

IV. Information security guidelines

1. OneDrive for business usage guidelines for Wayne State employees
2. Email forwarding position statement
3. ActiveSync permissions on personal devices position statement
4. SSL certificate issuance policy
5. Tagging external email
6. Data and log retention practices

V. Compliance programs

1. Higher Education Opportunity Act (HEOA) copyright protection plan
2.  GLBA information security program
   1. GLBA compliance guidance form 
   2. Gramm-Leach-Bliley Act