- IT 1.0 (IT Security and Compliance Framework and Governance)
This policy defines the IT Security framework for Alvernia University (“AU”). The policy is intended to ensure AU systems and data are protected from threats to their confidentiality, integrity, and availability. It is aligned with industry best practices and standards. AU relies on information technology assets to conduct and support operations, and recognize the risk to the organization and brand posed by a security breach.
- IT 1.2 (IT Asset Management)
This policy governs the management and oversight of Information Technology (IT) equipment and software owned, leased, or licensed by the Alvernia University (“AU”).
- IT 2.0 (End User Responsibilities)
This policy outlines the responsibility of end users of Alvernia University (“AU”) systems and network. It applies to all faculty, staff, student employees, trustees, contractors, business partners or volunteers who use AU networks, systems, and applications, or who access AU Internal or Confidential data. Explicitly excluded are non-employee students and the general public attending events accessing any wireless network provided solely for public use. These public networks are not addressed by this policy. The policy includes guidelines on retention of documents and other information, whether in paper or electronic form.
- IT 3.0 (IT Security for IT and Data Professionals)
This policy outlines the responsibilities of IT and data professionals within Alvernia University (“AU”), and defines the specific controls required to secure the AU network, systems and data. It applies to all IT and Data Professionals working on AU systems, and all AU systems.
- IT 3.4 (IT Configuration Management)
This policy outlines how Alvernia University (“AU”) controls the configuration of its network, systems, and applications. It applies to all AU managed infrastructure, but excludes systems provided to AU as a service and hosted by the vendor, rather than on AU’s network.
- IT 3.6 (IT Security Incident Response)
Information security is a holistic discipline, meaning that its application, or lack thereof, affects all facets of an organization or enterprise. The goal of the Alvernia University Information Security Program is to protect the Confidentiality, Integrity, and Availability of the data employed within the organization while providing value to the way we conduct business.
- IT 4.0 (IT Security for 3rd Party Partners and Providers)
This policy outlines security expectations and responsibilities for 3rd party partners and providers. It applies to any companies or individuals who provide or support Alvernia University (“AU”) systems and applications, or who manage AU data. It also provides guidance to AU faculty & staff who contract these services.
- IT 5.0 (Web Accessibility Policy)
Alvernia University is committed to facilitating access to university instruction, communication, research, and business processes to the broadest possible audience, in accordance with our commitment to university values. This policy is intended to ensure that the content of Alvernia University’s Internet sites and systems are accessible to those whose disability would otherwise prevent them from obtaining access to university websites for legitimate business purposes.
- IT 6.0 (IT Governance Policy)
Governance, risk, and compliance (GRC) issues increasingly pervade higher education information technology. As institutional investment in IT and reliance on information systems have grown, so has the need for reliable structures and measures to ensure success and minimize failure.
