Security Policies

2025 EDUCAUSE AI Landscape Study: Into the Digital AI Divide

Wed, 05 Feb 2025 17:58:09 Z

This report summarizes higher education’s experiences related to AI strategy and leadership, policies and guidelines, use cases, the higher education workforce, and the institutional digital divide.

2024 EDUCAUSE AI Landscape Study

Mon, 05 Feb 2024 16:07:24 Z

This report summarizes higher education’s experiences related to AI strategic planning and readiness, policies and procedures, workforce, and its future.

2023 EDUCAUSE Horizon Report | Holistic Student Experience Edition

Fri, 22 Sep 2023 15:13:05 Z

The 2023 EDUCAUSE Horizon Report profiles key trends and emerging technologies and practices shaping the future of the student experience, and envisions a number of scenarios and implications for that future.

Columbia University Administrative Policy Library: Computing and Technology

Tue, 22 Dec 2015 17:36:26 Z

Columbia University: Administrative Policy Library Computing and Technology website

2023 EDUCAUSE Horizon Action Plan: Generative AI

Thu, 14 Sep 2023 17:39:55 Z

This report describes an ideal future for generative AI in higher education, drawing on the insights of a small panel of teaching and learning higher education experts, focusing on a 10-year timescale.

How UMD Supports Researchers With CUI Requirements

Wed, 28 Oct 2020 22:30:45 Z

The University of Maryland Controlled Unclassified Information Environment is a secure computing and storage cluster that supports research and project data that must be protected using the NIST SP 800-171 guidelines. This solution provides our researchers a System Security Plan to present to sponsors.

Information Security and Privacy Policy

Tue, 22 Dec 2015 17:28:10 Z

This is the Information Security and Privacy Policy for Purdue University.

Information Security Program Assessment Tool

Tue, 22 Dec 2015 17:38:04 Z

This self-assessment tool was created to evaluate the maturity of higher education information security programs using as a framework the International Organization for Standardization (ISO) 27002:2013 "Information Technology Security Techniques.

Sensitive Regulated Data: Permitted and Restricted Uses

Tue, 22 Dec 2015 17:35:24 Z

The University of Michigan engages in research, teaching, clinical, and business activities that encompass a variety of sensitive regulated data.

Budget-Conscious Information Security Resources

Tue, 22 Dec 2015 17:38:07 Z

How can institutions that are just starting out with an information security program, or those with even more limited resources, successfully protect institutional IT resources and data?

EDUCAUSE Comments: DHS Controlled Unclassified Information (CUI) Provision

Thu, 16 Mar 2017 19:54:58 Z

EDUCAUSE joined the Council on Government Relations (COGR), the Association of American Universities (AAU), and the Association of Public and Land-grant Universities (APLU) in comments to the U.S. Department of Homeland Security (DHS) about its proposed new CUI grants and contracts provision.

Information Access & Protection Standard

Tue, 22 Dec 2015 17:25:17 Z

This standard provides requirements for handling sensitive information that create a balance between accessibility and protection and ensure that information is not improperly changed, inadvertently or by design.

IT Security Questionnaire/IT Standards and Requirements Questionnaire

Tue, 22 Dec 2015 17:36:36 Z

The University of Missouri IT Standards and Requirements Questionnaire (ITSRQ), currently in draft form, is predominantly focused on SaaS solutions although it can be readily adapted for other purposes.

University of Northern Colorado Information Management and Technology: Standards, Policies & Procedures

Tue, 22 Dec 2015 17:37:23 Z

The University of Northern Colorado provides information technology resources to a large and varied group, including faculty, staff, students and guests.

Penn State Electronic Security and Access Systems

Tue, 22 Dec 2015 17:36:44 Z

It is the policy of The Pennsylvania State University to preserve an open access environment for students, faculty, staff, and the general community while facilitating safety and security by establishing and maintaining standards for electronic security and access control.

Information Security Policy and Standards: Secure Handling of Social Security Numbers

Tue, 22 Dec 2015 17:35:01 Z

Social Security Numbers may not be captured, retained, communicated, transmitted, displayed or printed in whole or in part, except where required or permitted by law, and in accordance with the standards outlined in this policy.

Reporting Electronic Security Incidents

Tue, 22 Dec 2015 17:35:18 Z

This policy is in regards to users of information technology devices connected to the Cornell network, who must report all electronic security incidents promptly and to the appropriate party or office.

Registration and Protection of Endpoints Policy

Tue, 22 Dec 2015 17:35:16 Z

This Columbia University Policy describes the requirements for security controls to protect Endpoints that process, transmit and/or store Data.

Data and Computing Standards

Tue, 22 Dec 2015 17:34:52 Z

University of Massachusetts' Data and Computing Standards security policy.

Risk Classifications

Tue, 22 Mar 2016 20:47:07 Z